DDoS attack on Saxony-Anhalt: Chaos caused by pro-Russian hackers!

DDoS attack on Saxony-Anhalt: Chaos caused by pro-Russian hackers!

What could be going on in the digital world? Reports of DDoS attacks are increasing, and the effects can also be felt in Germany. On July 11, 2025, the cyber attack group “NoName057(16)” targeted the online portal of the state of Saxony-Anhalt. A massive DDoS attack meant that several state ministry websites were temporarily unavailable. According to a spokesman for the Ministry of Infrastructure and Digital Saxony-Anhalt, access to the online presence has now been restored. The state's websites are maintained by the IT service provider Dataport, which is also responsible for other federal states such as Schleswig-Holstein, Hamburg and Bremen - but no such incidents occurred there.

The hacker group NoName057(16) has now established itself as one of the most active actors in cyber space. In recent months they have increased their attacks on German organizations. “We have taken the websites offline,” the group itself announced, while it was blamed for the disruptions at prominent companies such as Bayerische Landesbank, BayWa AG and many more dailysecurityreview.com. But it's not just commercial companies that are targeted; Leading cities such as Hanover, Düsseldorf and even our beloved city of Cologne are also affected.

The DDoS threat in Europe

DDoS attacks have become the most active form of cyberattacks in Europe, accounting for an impressive 41.1% of all documented cyberattacks between July 2023 and June 2024, according to a report by the European Cybersecurity Agency (ENISA). These attacks overload servers with massive requests, often leading to temporary outages. In contrast, ransomware attacks follow as the second largest threat at 25.8%, according to this sophos-central.com.

The geopolitical situation, particularly the Ukraine conflict, appears to be a central driver for such cyberattacks. Many attacks are politically motivated, which explains the recent attacks on German organizations and cities. “NoName057(16)” also often works with other hacker groups such as Keymous+ and Dark Storm, which makes the threat situation even more complicated. For companies, this means that they must pay more attention to cybersecurity, rethink their hardware and software infrastructures and develop contingency plans for possible attacks.

Conclusion and warning

The situation is serious and makes it clear that there is a lot at stake in the virtual world. The attacks by NoName057(16) are not only a burden on the technical systems, but also on the security of the data. Experts recommend implementing DDoS protection measures to maintain access to services even during such disruptions.

Let's come back to Saxony-Anhalt: There have already been serious cyber incidents there in the past that led to the deployment of the cyber disaster event. At that time, the servers of the Anhalt-Bitterfeld district were affected, and the BSI's analysis pointed to pro-Russian hackers as being responsible. It seems as if the threat situation will not abate and for many it is more than just a short-term nuisance.

As you can see, what is happening in cyberspace remains exciting. The developments show that companies and public institutions are well advised to take proactive measures against these types of threats.