Cyber Incident Victim: Landesregierung Mecklenburg-Vorpommern
Date:
Aug 2023
Location:
Germany
Summary
Landesregierung Mecklenburg-Vorpommern reported that its websites, including those of ministries, subordinate authorities, the police portal and the MV service portal, were targeted by a distributed denial-of-service attack that overwhelmed servers with excessive traffic. Security teams observed the surge, activated alerts, and confirmed that defensive measures kept the impact minimal, while officials noted the possibility of further activity and remained on standby.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Thursday morning, IT specialists from the Landesregierung's service provider DVZ and the computer emergency response team CERT M-V observed a sharp increase in requests to various government websites in Mecklenburg-Vorpommern. The affected sites included the portals of several ministries and subordinate authorities, the public homepage of the state police, and the MV-Serviceportal, all hosted and maintained by DVZ. Initial analysis indicated that the traffic surge was part of a distributed denial-of-service attempt aimed at overloading the servers with massive numbers of requests. In response, DVZ and CERT M-V were immediately placed on heightened alert status to monitor and mitigate the activity. The escalation was detected early in the day, prompting the activation of existing defensive measures.

By early afternoon, officials confirmed that the implemented security measures were functioning as intended and that the attack had largely failed to disrupt services. A spokesperson, identified as Pegel, stated that the defensive actions had kept the impact minimal and that the servers remained operational despite the heightened request volume. The responsible minister noted that while the current incident had been mitigated, the possibility of a renewed attack over the upcoming weekend could not be ruled out. Consequently, the minister announced that IT specialists would continue to maintain alert readiness to enable an immediate response if further malicious activity emerged. The teams remained on standby throughout the remainder of the day and into the weekend to safeguard the government's online presence.
