Cyber Incident Victim: Aarhus Kommune
Date:
Feb 2024
Location:
Denmark
Summary
Aarhus Kommune experienced a DDoS attack on its website provider Cabana that temporarily took the municipal site offline, though officials said no lasting damage occurred and citizens’ data were never at risk. The municipality noted it faces thousands of hacking attempts each day, many originating from Russia, anticipating an increase in frequency and sophistication. In response, the municipality has begun collaborating with external partners, including the Center for Cyber Security, and is advancing its Security Tech Space initiative to strengthen defenses.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On Monday, 26 February 2024, a citizen noticed that Aarhus Kommune’s website was inaccessible and reported the issue, prompting the municipality to recognize an ongoing disruption. The outage was traced to a distributed denial‑of‑service (DDoS) attack targeting the website’s hosting provider, Cabana, which overwhelmed the service and caused the site to go offline. According to the statement from Stadsdirektør Martin Østergaard Christensen, the website remained down from approximately 08:00 to 10:30 local time before normal access was restored. He emphasized that the attack was limited to the public website and its subpages, with no compromise of internal systems or citizen data. Chef for fælles IT og Digitalisering Lone Juric Sørensen confirmed that the incident did not result in any lasting damage or data breach, and that residents’ personal information was never at risk during the event.
In response, municipal officials acted swiftly and competently, issuing public statements to reassure citizens that the disruption was short‑lived and that data security remained intact. Lone Juric Sørensen noted that the municipality routinely detects thousands of hacking attempts each day, a significant portion originating from Russian sources, and anticipates that both the frequency and sophistication of such attacks will increase. To address the evolving threat landscape, Aarhus Kommune has intensified its cybersecurity efforts, including collaboration with external partners, participation in the Security Tech Space initiative, and coordination with the Center for Cybersikkerhed and other governmental bodies. The officials also communicated guidance to residents, advising them to remain skeptical of unsolicited emails or text messages requesting personal data and to treat any unexpected communication from the municipality that arrives outside their usual secure digital post as a potential warning sign. These actions reflect the municipality’s ongoing commitment to monitoring threats, strengthening defenses, and maintaining transparency with the public.