Cyber Incident Victim: Landespolizei Mecklenburg-Vorpommern
Date:
Oct 2023
Location:
Germany
Summary
The Landespolizei Mecklenburg-Vorpommern experienced cyberattacks targeting its online services, including the Onlinewache and MV-Serviceportal, which resulted in restricted accessibility due to server overload from mass automated requests. IT specialists identified similarities to a prior attack and worked to mitigate further waves by blocking identified attackers, though the police maintained operational continuity through physical stations and phone services. The incident did not disrupt core police functions despite temporary limitations to digital platforms.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On October 31, 2023, the Landespolizei Mecklenburg-Vorpommern experienced cyberattacks targeting its public-facing web services, specifically the Onlinewache (online police station) and the MV-Serviceportal. The attacks began on Tuesday evening and persisted into Wednesday, prompting an official statement from the state’s Interior Ministry in Schwerin. IT specialists at the Datenverarbeitungszentrum M-V (Data Processing Center Mecklenburg-Vorpommern) detected a sharp, abnormal increase in traffic volume directed at these portals, consistent with a deliberate attempt to overwhelm servers through mass automated requests. This technique mirrored a previous attack against the same systems in April 2023, as noted by Interior Minister Christian Pegel (SPD), who characterized the incident as a distributed denial-of-service (DDoS) style assault aimed at disrupting service availability. The sustained barrage of malicious traffic forced authorities to implement partial access restrictions, rendering the Onlinewache intermittently or minimally accessible to the public during the attack window.
Technical teams responded by identifying and blocking traffic from confirmed attacker nodes while deploying countermeasures to absorb or deflect subsequent attack waves. Despite the operational strain on digital services, the police emphasized that core law enforcement functions remained unaffected, with physical stations and telephone lines operating normally to maintain public access. Forensic analysis remained ongoing at the time of reporting, with no immediate claims of responsibility or additional compromise vectors disclosed. The incident followed a separate August 2023 cyberattack targeting the broader Mecklenburg-Vorpommern government portal, though authorities did not explicitly link the two events. Mitigation efforts focused on restoring full service availability while hardening defenses against comparable volumetric attacks, reflecting a recurring threat pattern against the state’s digital infrastructure.