I remember receiving an email from the BSI ("Bundesamt für Sicherheit in der Informationstechnik"; engl. "Federal Office for Security of Information Technology") regarding a misconfigured NTP server that could be abused for NTP reflection attacks.
The functions of the BSI are explained in English here [1] based on the following law [2]. I guess initiatives such as informing about the NTP problem fall into what is listed under §3.2.