by Dr. Johannes Loxen
A recent attack shows how deceptive the promises of international cloud providers can be: A startup was the target of an attack using domain spoofing. Attackers registered deceptively similar domains and sent fake payment instructions – set up via Zoho.eu and sent via Microsoft 365. The payment only failed because a bank was vigilant.
When the police wanted to investigate directly at the German branches, both providers refused to cooperate. Unfortunately, this is not an exception.
Service providers increasingly advertise with slogans such as “Hosted in Germany” and “EU based.” This sounds impressive but is often just packaging. Hosting in Germany is no guarantee of digital sovereignty; often it is just sovereignty washing. The server may be located in Frankfurt, but in this case the contracts are run through Ireland and the Netherlands, and the parent companies are based in the US and India, respectively.
This means that when it comes down to it, it is not the server location that matters, but the corporate structure.
In the case described, the result was that the German branches were unable or unwilling to help. Criminal prosecution must be carried out through international legal assistance – a process that does not lead to short-term investigative success in acute cases.
This is precisely why the term sovereignty washing has become established: the impression of control without real enforceability. This creates a dangerous contradiction: the services operate locally, but responsibility lies globally.
What should companies pay attention to?
Digital sovereignty is achieved through careful selection of providers, with:
- a contractual partner in the same legal jurisdiction,
- a technical infrastructure whose operator can be changed in an emergency, and
- secured cooperation in all technical, organizational, and legal cases.
If one of these points is missing, you lose control – even with simple attacks such as the domain spoofing described above.
SerNet is a German company with contracts under German law. It operates most of its infrastructure itself and purchases supplementary cloud services with a focus on sovereignty in order to remain capable of acting in an emergency.
FAQ: What is spoofing?
What does “spoofing” mean?
Spoofing means that perpetrators digitally impersonate someone else – e.g., through fake email addresses, domains, or phone numbers.
What is domain spoofing?
In domain spoofing, attackers register deceptively similar internet domains to imitate real companies (e.g., “examp1e.com” instead of “example.com”). They often use these to send fraudulent emails.
How dangerous is this?
Domain spoofing is one of the most common methods used for:
- sending fake payment instructions (CEO fraud/BEC),
- stealing access credentials,
- introducing malware.
Why is the attack so difficult to detect?
The email is delivered in a technically correct way via regular email providers and looks legitimate – and the difference in the domain is often only one letter.