Largest Recorded Cyberattacks at Danish Energy Infrastructure

November 14, 2023


This past May, Danish critical infrastructure suffered the most extensive cyber-related attack it ever experienced in Denmark to date. In all, 22 companies that operate parts of the Danish energy infrastructure ended up compromised in a coordinated attack, according to a report by SektorCERT. The result was the attackers gained access to some of the companies’ industrial control systems and several companies had to go into island mode operation.

The attacks began on May 11, followed by 10 days of inactivity. A second wave of attacks began on May 22 when SektorCERT received an alert that one of its members had downloaded new firewall software over an insecure connection. Whether the attack came from servers associated with a unit of Russian military hackers popularly known as Sandworm cannot be said with certainty. Individual indicators of this have been observed, but we have no opportunity to neither confirm nor deny it, states the SektorCERT report.

Incident Date

May 11, 2023



Estimated Cost

No cost values disclosed.

Type of Malware

Threat Source