Denmark's Centre for Cyber Security

Denmark's Centre for Cyber Security is the national authority responsible for monitoring cyber threats and issuing alerts to protect the country's digital infrastructure. It raises the national cyber threat level when significant malicious activity is detected, as it did in January 2023 following a series of distributed denial‑of‑service attacks attributed to the pro‑Russian groups Killnet and NoName057. The centre provides warnings and guidance to sectors such as banking, defence, health care and government. It maintains a public website that publishes advisories and can itself be taken offline by attacks. Its analysis of the January 2023 incident highlighted how the attackers exploited misconfigured routers and Internet‑of‑Things devices to generate overwhelming traffic.

The organisation is headquartered in Denmark and serves the entire nation, focusing on threat detection and response for critical national infrastructure. Its distinguishing attributes include the authority to set the national cyber threat level, the production of timely alerts based on observed attack patterns, and the role of communicating those alerts to relevant stakeholders. While the source material does not disclose staff size, budget or formal ownership structure, the incident demonstrates that the centre actively monitors international threat actors. Foreign authorities commented on the same campaigns. The centre maintains an online presence that can be targeted by adversaries.