Cyber Incident Victim: Saxony

On October 12, 2023, the official website of the City of Dresden, dresden.de, experienced a distributed denial-of-service (DDoS) attack that temporarily disrupted public access to its online services. The cyberattack began during business hours and rendered the municipal website partially or completely inaccessible to users attempting to access information or services. Attackers coordinated a high-volume flood of artificial traffic directed at the city's web infrastructure, overwhelming its capacity to respond to legitimate requests—a characteristic method of DDoS operations. Municipal authorities detected the anomalous activity and activated defensive protocols to mitigate the attack's impact on civic operations. By approximately 3:30 PM local time, technical teams successfully restored full functionality to dresden.de, concluding the service disruption within hours of its onset.

Prof. Dr. Michael Breidung, Head of Dresden's Municipal IT Service, publicly confirmed the cyber incident late that afternoon, emphasizing that predefined security measures effectively contained the attack and prevented escalation or secondary compromises. The defensive response included traffic filtering, attack source identification, and resource allocation adjustments to maintain critical operations despite the artificial load surge. No evidence suggested data exfiltration, system infiltration, or persistent malware implantation during the incident. The primary operational consequence remained limited to temporary public unavailability of the city's informational portal, with no reported downstream impacts on internal municipal systems or physical infrastructure. Dresden's cybersecurity team maintained continuous monitoring throughout the incident and conducted post-event forensic reviews to validate system integrity before declaring full restoration of services.