Cybersecurity
Cyber security is also relevant for private businesses
Last year, 14% of large Danish companies were hit by cyber attacks. What types of attacks should you be aware of and how can you prevent them?
My workplace is far too insignificant to be targeted by cyber criminals.
If your company isn't involved in critical infrastructure, politics or other areas of national importance, why would anyone be interested in taking down your website or stealing data from your systems?
Unfortunately, that's not how cyber crime works.
While public sector organisations and critical infrastructure providers have attracted most of the media attention around cyber crime in Denmark, private businesses are increasingly finding themselves in the firing line.
According to a report prepared by Ipsos on behalf of TDC Erhverv, the proportion of large companies affected by cyber crime increased from 6% to 14% between 2024 and 2025. Among medium-sized companies, the figure rose from 5% to 13% over the same period. (1)
These attacks are not only aimed at destroying or stealing, but also at creating widespread insecurity and undermining societal cohesion. Therefore, all businesses are at risk, regardless of industry or size. And all companies should take precautions.
In their latest threat assessment (November 2025), the Danish National Board of Defence states that the cyber threat to Denmark is serious. Not since the Second World War has Denmark been in such a high-risk situation. And the nature of the threat is constantly changing, as hackers are constantly adopting new methods. (3) This is why the cyber threat is difficult to relate to - but all the more important to stay informed so that you can protect yourself as best you can.
Let's take a look at the types of attacks that currently dominate the threat landscape in Denmark, which you should be particularly aware of and what you can do to secure your business or organisation against them.
Ransomware attacks: When your data and systems are taken hostage
In ransomware attacks, hackers encrypt your IT systems and data so you can't access them. This paralyses your business operations. Typically, the hackers demand a ransom to decrypt the systems. If you can't find the right decryption key yourself and you don't pay the ransom, it can have a significant impact on your business operations and possibly even survival. In addition, your customers' trust in your business could be seriously damaged.
Some businesses succumb to ransomware attacks because they don't have the human or financial resources to solve the problem. As small and medium-sized businesses often have fewer resources to protect themselves, they are very vulnerable to ransomware attacks, and the Danish Social Security Authority generally assesses that there is a high risk of being hit by this type of cyberattack.
It is mainly criminal - and to a lesser extent governmental and activist - hackers who use ransomware attacks. (5)
Data theft: When hackers steal or sell your data
Some of your company's data can be interesting to steal. Either because it can be sold to third parties or because the perpetrators can use the information themselves, for example to develop new technology. Often, you won't realise (at least not right away) that data is being stolen, as hackers simply take data - such as login or personal data - and sell it on criminal marketplaces. System access via stolen logins can be of great value to other cybercriminals who can then avoid hacking into corporate systems.
Data theft also often takes the form of cyber espionage, where foreign states want to gain insight into foreign, security and defence policy areas, or where they see value in stealing knowledge from internationally recognised Danish research institutions. In recent years, companies and organisations in the healthcare, energy, transport and trade sectors have also experienced an increased threat of cyber espionage in the wake of the Covid-19 pandemic and the war in Ukraine (6)
Digital fraud: When emails arrive from the CEO who isn't the CEO
Digital fraud is here and there and everywhere, affecting ordinary citizens. For example, when they receive text messages about parcels detained in customs, or when they are tricked into thinking they are online dating Brad Pitt, who now needs money to pay his hospital bills.
But businesses are also vulnerable to digital fraud. Perhaps you've received an email from your boss, only to realise that it wasn't your boss who wrote it. In Guldborgsund Municipality a few years ago, criminal hackers managed to rob the municipality of "more than DKK 1.3 million by first compromising an employee's email account and then, using this email account, sending invoices for payment to the municipality's finance department." (4)
We all think we're too smart to be fooled, but hackers are getting better and better at finding new methods.
DDoS attacks: When overloading your systems blocks "real" users
Even if you haven't necessarily heard the technical term, you've certainly come across examples of DDoS attacks in recent years. For example, during the municipal and regional elections in November 2025, a number of Danish municipalities' websites were taken down by pro-Russian hackers to disrupt the elections.
A DDoS attack is an overload of your systems - such as your website - so that your "real" users cannot gain access. Pro-Russian groups are the main targets of this type of attack, often targeting authorities and companies in critical infrastructure. These include organisations in the financial, transport, energy and telecommunications sectors. According to the attackers, it is not about the individual company, but about punishing Denmark as a country. Among other things, because of Danish support for Ukraine. By attacking centralised systems, the attackers can disrupt critical societal functions for shorter or longer periods of time and thereby influence the population and political decision-makers.
But DDoS attacks can also act as a diversionary manoeuvre that takes companies' focus away from other attacks such as data theft. (7)
Why is security crucial in your organisation too?
The four types of attacks described above are the types of cyberattacks most at risk in Denmark at the moment. But it's important to emphasise that this is not a complete threat picture. Both because other types of attacks already exist and because hackers are constantly inventing new methods and becoming more adept at finding holes they can penetrate.
For example, zero-day attacks are becoming more and more common. In a zero-day attack, hackers exploit previously unknown digital vulnerabilities even before companies and software vendors become aware of them. The term refers to the fact that the vendor has had zero days to fix the bug and close the hole with a software update.
Unknown vulnerabilities are worth a lot to those who want to harm you or your business because they give hackers extra time to target exactly where an attack will do the most damage.
And while it's hard to imagine why Russian or other hackers would have any interest whatsoever in your - perhaps internationally unknown - business, it's important to put yourself in the hacker's shoes: It's not necessarily about someone wanting to destroy - or steal something from - your specific business. It's at least as much about hitting broadly to damage Denmark as a whole. But nevertheless, it's your company that is affected in the first instance. That's why all businesses should be vigilant and do their utmost to protect themselves against cyberattacks.
Where should you pay attention?
Vulnerabilities in your software can hide in many places. For example, in bad code, weak logins or a poor hosting environment. Therefore, it's not enough to choose a digital platform that is inherently known for high security. If your employees open the door wide with poor logins or if your solution is hosted in an insecure environment, even the best platform is vulnerable to cyberattacks.
You can address login culture and password security yourself, as well as train your colleagues to spot phishing attempts, CEO fraud and similar - unfortunately common - attempts to create cracks in your organisation's security measures.
It can be hard to know where hackers will want to attack, but you can ask yourself where it would be most critical to your business if you were to be hit. What data and systems are critical to access if your business is to run - and survive? Here's your answer to where you need to focus on security the most.
System updates are crucial for security
Keeping your systems up-to-date is a crucial factor for the security of your systems. System vendors regularly release security updates, which you should invest in if you don't want to risk suddenly having the doors to your company's systems left wide open.
In January 2026, IT-Branchen published a thought-provoking article about cybersecurity - or lack thereof - in the public sector. The article revealed that nearly 12,000 pieces of network equipment reviewed across all 23 ministries had critical vulnerabilities. 91% of these vulnerabilities could be removed by updating the systems (2)
The same goes for private companies, who run a huge risk if they just close their eyes and wait to update until next year or whenever they think it best fits into their budget and schedule. Security is not something you can deal with when you have time. It's imperative to focus on it continuously and often, so make sure you get it on the agenda.
Of course, this means setting requirements for both internal and external suppliers. Developers, hosting partners, business partners with access to your company's systems - everyone must make an effort to ensure shared security.
And above all, it's an effort you should make a strategic choice to focus on continuously. Because the nature of cyberattacks is changing all the time. Hackers are getting smarter and more skilled. AI has made it easier for them to identify vulnerabilities and optimise attack strategies. But in the same way, you can become better at improving security if you make a choice to focus on it, today, tomorrow and every day going forward.
Where does that leave us?
As indicated, security is a very broad concept that requires you to have both internal procedures in place and requirements for your IT suppliers. Not to protect yourself completely (because no one can) but to minimise the risk of - and consequences of - a security breach.
For those of us who provide web solutions, security is an ever-present focal point. We need to keep an eye on the constant evolution of cybercrime. We need to think security into the infrastructure and code while we're building the solutions. And we need to be aware of security issues related to hosting the web solutions.
It's about both protecting and monitoring the solutions to the best of our ability, and detecting and quickly plugging the holes that can undeniably occur. Because, as mentioned, when it comes to cybersecurity, one-size-fits-all is not an option. But we must all do the absolute best we can.
Sources
1: IT-Branchen: Cybersecurity, see source
2: IT-Branchen: Has the pain threshold for lack of cybersecurity in the public sector been reached, 26-01-2026 , see source
3: Danish National Security Agency: Trusselsvurdering - Cybertruslen mod Danmark 2025, p. 4, November 2025, see source
4: Danish National Security Agency: Threat Assessment - Cyber Threat to Denmark 2025, p. 18, November 2025, see source
5: Danish National Security Agency: Threat Assessment - Cyber Threat to Denmark 2025, p. 9-12, November 2025, see source
6: Danish National Security Agency: Threat Assessment - Cyber Threat to Denmark 2025, p. 13-17, November 2025, see source
7: Danish National Security Agency: Threat Assessment - Cyber Threat to Denmark 2025, p. 20-22, November 2025, see source