Cyber Incident Victim: Liechtensteinische Landesverwaltung

On July 8, 2024, at approximately 12:00 local time, the website of the Liechtensteinische Landesverwaltung (LLV) at www.llv.li became unreachable due to a distributed denial-of-service (DDoS) attack targeting its service providers. Concurrently, the website of the Liechtenstein government at www.regierung.li experienced similar disruption from the same attack campaign. While the government website's functionality was restored following incident response measures, the LLV site remained offline as of the initial reporting period. The attacks involved coordinated, high-volume traffic floods designed to overwhelm the infrastructure supporting these domains, rendering them inaccessible to legitimate users. Technical teams detected the anomalous activity promptly after its onset and initiated predefined countermeasures to mitigate the impact. No evidence indicated data exfiltration or system breaches beyond the service availability disruption.

A pro-Russian hacker group publicly claimed responsibility for the attacks, though the article did not specify the group's identity or motives. The LLV and government cybersecurity personnel collaborated with their internet service providers to implement traffic filtering and rerouting strategies to contain the attacks. Investigations were launched to determine the attack vectors and identify potential vulnerabilities exploited during the incident. Authorities emphasized that DDoS attacks aim solely to disrupt service availability through artificial resource exhaustion, distinguishing them from data theft or system infiltration operations. The LLV website remained non-operational during the initial response phase while mitigation efforts continued, though restoration timelines were not disclosed. Public communications were managed through the Ministry of the Presidency and Finance, which confirmed the incident's technical scope and assured stakeholders of ongoing remediation work.