Cyber Incident Victim: Stadt Garching
Date:
Feb 2025
Location:
Germany
Summary
A cyberattack involving a DDoS incident disrupted access to the websites of a municipality and a regional administrative office, rendering them intermittently or fully inaccessible for extended periods. The attack overwhelmed servers with excessive traffic, prompting technical service providers to implement emergency measures including a temporary redirect for one site while working to restore normal operations. Both entities' web presences remained unstable, with accessibility varying by network provider during recovery efforts.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 13, 2025, the city of Garching experienced a cyberattack targeting its official municipal website (www.garching.de), rendering the platform inaccessible throughout the morning and evening hours. The attack was identified as a distributed denial-of-service (DDoS) incident, where attackers deliberately flooded the city's web servers with excessive traffic volumes that exceeded processing capacity. This overload caused complete service disruption for residents attempting to access public information or services through the primary domain. Municipal authorities confirmed the nature of the attack in an official statement, clarifying that no data breaches or unauthorized system infiltrations occurred beyond the service interruption. By evening, the city's technical service provider implemented an interim solution redirecting users from the main URL to a functional version of the homepage, restoring basic access while investigations continued. The incident marked the first confirmed disruption, with no prior outages reported in the immediate preceding days.
On February 14, 2025, authorities disclosed that the Munich County administrative office (Landratsamt München) also suffered service disruptions affecting its website (www.landkreis-muenchen.de), with intermittent outages occurring since February 13. The county's press office confirmed sporadic accessibility issues persisting through the morning of February 14, noting that connectivity depended on users' network providers. Both the city and county websites relied on the same external technical service provider, which assumed responsibility for mitigating the attacks and restoring full functionality. The provider prioritized resolving the infrastructure overload but did not publicly specify whether both entities faced identical attack vectors or coordinated assaults. No additional municipal systems beyond the public-facing websites were reported compromised. Service restoration timelines remained unspecified beyond the temporary redirect implemented for Garching’s site, leaving residents with inconsistent access to critical digital services during the incident period. The disruptions hindered public access to administrative information and online resources without alternative channels being mentioned in official communications.