Menu
Browse

Cyber Incident Victim: Bornholms Lufthavn

Date:

Feb 2024

Location:

Denmark

Summary

Bornholms Lufthavn experienced a DDoS attack that temporarily made its website inaccessible, part of a broader wave targeting several transport sites and municipalities. The pro‑Russian hacker group NoName57(16) claimed responsibility via Telegram, stating their “DDoS missiles” hit multiple targets and aimed to create digital unrest without seeking data theft. Experts noted such attacks aim to overload services and cause short‑term disruption rather than long‑term harm.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 2 motives 1 technique
Threat Actor Type Location
1 actor Available to members Available to members

Description

On Sunday 25 February 2024 a series of distributed denial‑of‑service attacks began targeting several Danish airports and government bodies, with Bornholms Lufthavn among the affected organisations. The attack overwhelmed the airport’s public website, making it periodically inaccessible to users attempting to access flight information or other online services. Simultaneously, the same wave of DDoS activity struck the municipalities of Thisted and Odense on Sunday, and later on Monday extended to Horsens, Helsingør and Vejle. The pro‑Russian hacking collective NoName57(16) claimed responsibility for the incidents via Telegram, stating that their “DDoS missiles” had hit three transport websites and a municipality and that they intended to give Denmark an unforgettable weekend.

Cyber Incident Image

Bornholms Lufthavn’s manager Jimmi Holm Hansen described the incident as irritating and frustrating, noting that the attackers had specifically targeted the airport’s homepage. The airport first became aware of the disruption on Saturday when its IT provider reported the ongoing DDoS attempt. Following that notification, the weekend remained unusually quiet with no passenger complaints and normal operations continued despite the website outage. In contrast, Thisted Kommune treated the attack more seriously and convened a meeting to discuss the impact and possible follow‑up actions. IT experts quoted in the coverage explained that the primary goal of such DDoS campaigns is to sow unease in a highly digitalised society rather than to exfiltrate personal or sensitive data. While Ritzau noted that DDoS attacks are difficult to prevent, they are generally not harmful in the long term because they aim to deny service rather than to breach information systems.

Sources
Sources available to members
1 source