Cyber Incident Victim: Danish Ministry of Immigration
Date:
Sep 2017
Location:
Denmark
Summary
A cyber attack attributed to a Turkish hacker group disrupted operations at two Danish government ministries, including the Ministry of Immigration, through a DDoS attack that rendered its website inaccessible. The group Aslan Neferler Tim claimed responsibility on social media, citing the Immigration Minister's public endorsement of controversial Mohammed cartoons as motivation. While the ministry acknowledged the coincidental timing of the attack relative to the minister's statements, it did not officially confirm the perpetrators. The incident also affected the Ministry of Foreign Affairs, though specific impacts beyond service disruptions were not detailed. Authorities indicated further information would be released pending additional investigation into the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On September 28, 2017, a cyber attack disrupted the online operations of Denmark’s Ministry of Immigration and Ministry of Foreign Affairs. The attack, identified as a distributed denial-of-service (DDoS) incident, rendered the Ministry of Immigration’s website inaccessible starting Wednesday, with the platform remaining offline at the time of the article’s publication. A Turkish hacker collective named Aslan Neferler Tim publicly claimed responsibility for the attack through Facebook posts, though Danish authorities had not yet officially verified this claim at the time of reporting. The group explicitly linked its actions to Immigration Minister Inger Støjberg’s social media activity earlier that week, in which she endorsed Denmark’s controversial 2005 publication of cartoons depicting the Prophet Mohammed. The attack coincided with heightened tensions surrounding free speech debates in Denmark, though no direct evidence beyond the hackers’ statement confirmed this motivation.
The incident prompted a public response from Minister Støjberg, who acknowledged the temporal correlation between her social media posts and the cyber attack during an interview with TV2 but stopped short of attributing blame to the Turkish group. She characterized the timing as noteworthy but emphasized that authorities lacked conclusive information to validate the hackers’ claims. The Ministry of Immigration committed to releasing further details once its internal investigation progressed, though no specific timeline for restoration or additional mitigation measures was disclosed in the immediate aftermath. Operational impacts appeared confined to website accessibility, with no reports of data breaches or compromised internal systems. The Ministry of Foreign Affairs’ involvement was mentioned without elaboration on the scope or duration of its disruptions. No collateral effects on other government services or third-party systems were documented in the available reporting.