Cyber Incident Victim: Danish Ministry of Defence
Date:
Feb 2024
Location:
Denmark
Summary
The Danish Ministry of Defence experienced a distributed denial‑of‑service attack that rendered several of its websites inaccessible for roughly an hour. The Center for Cyber Security reported the overload and said it was coordinating with relevant partners on mitigating measures. The ministry’s Materiel‑and Procurement Agency, which oversees IT and cyber security for the defence sector, confirmed the outage and noted that such attacks occur periodically but that the agency is well equipped to handle them. After the incident, additional security measures were put in place, which may temporarily affect some website functions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 23, 2024, the Danish Ministry of Defence experienced a cyber attack that targeted its online presence. The attack was identified as a distributed denial‑of‑service (DDoS) overload aimed at multiple websites within the Ministry’s conglomerate. According to the Centre for Cyber Security, the overload caused several of those websites to become inaccessible. The Defence Materiel and Procurement Agency, responsible for IT and cyber security across the defence sector, confirmed to TV 2 that the disruption began at 10:45 a.m.
The agency reported that the affected websites remained down for approximately one hour before service was restored. The Centre for Cyber Security stated that it was in dialogue with relevant partners to implement mitigating measures during the incident. The agency noted that DDoS attacks of this nature occur periodically, but that its existing defenses are generally sufficient to handle them. Following the attack, additional security measures were deployed to prevent further disruption.
As a result of those post‑incident safeguards, some functions on the Ministry’s websites may currently operate sub‑optimally. The incident did not involve data breach or compromise of internal systems, only temporary denial of service to public‑facing sites. Officials emphasized that the response focused on restoring availability and monitoring for any residual effects. The Ministry continues to assess the effectiveness of the mitigations applied after the DDoS event.