Ethical Hacking News
The UK government has issued a warning about the increasing threat of Russian hacktivists, who are targeting critical infrastructure with DDoS attacks. With the main operators believed to be in Russia, the group's activities continue unabated despite previous disruptions. This evolving threat demands proactive measures from organizations and policymakers to mitigate its impact.
The UK government has issued a warning about ongoing attacks by Russian-aligned hacktivist groups targeting critical infrastructure and local government organizations. NoName057(16), a pro-Russian hacktivist group, is at the center of these malicious activities, operating DDoSia for crowdsourced attacks. The group resumed its activities after a disruption operation in July 2025 in which two members were arrested; its main operators are believed to be based in Russia. Organizations are advised to implement ISP mitigations, third-party DDoS protection, and design for rapid scaling using cloud auto-scaling or virtualization. Response plans should support graceful degradation, adapt to changing attacker tactics, retain admin access, and ensure scalable fallbacks for essential services. The threat represents an increased risk since 2022, targeting NATO member states and European countries that have taken a stance against Russia's geopolitical ambitions.
The United Kingdom government has issued a warning about the ongoing attacks by Russian-aligned hacktivist groups, which have been targeting critical infrastructure and local government organizations in the country. These attacks, characterized as denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks, aim to disrupt services and take websites offline. The National Cyber Security Centre (NCSC), a UK-based agency responsible for protecting the nation's cyber assets, has issued an alert about these malicious activities.
At the center of this threat are Russian-aligned hacktivist groups, which have been active since March 2022. One particular group, NoName057(16), is known as a pro-Russian hacktivist group that operates the DDoSia project, allowing volunteers to contribute computing resources for crowdsourced DDoS attacks and receive monetary rewards or recognition from the community. The NCSC notes that these groups are ideologically motivated rather than financially driven.
According to the NCSC, NoName057(16) has returned to action after a disruption operation dubbed "Operation Eastwood," in which two members of the group were arrested and arrest warrants were issued in mid-July 2025. Despite this setback, with the main operators believed to reside in Russia, the group was able to resume its activities. This marks an evolving threat that is also affecting operational technology (OT) environments.
To mitigate these risks, the NCSC advises organizations to understand their services to identify potential resource-exhaustion points and responsibility boundaries. They should strengthen upstream defenses by implementing ISP mitigations, third-party DDoS protection, content delivery networks (CDNs), and provider-imposed safeguards, considering redundancy with multiple providers. Designing for rapid scaling using cloud auto-scaling or virtualization with spare capacity is also recommended.
Organizations are advised to define and rehearse response plans that support graceful degradation, adapt to changing attacker tactics, retain admin access, and ensure scalable fallbacks for essential services. Continuous testing and monitoring are also crucial to detect attacks early and validate the effectiveness of defenses.
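As an added illustration of the response-plan properties above (graceful degradation, retained admin access, a fallback for essential services), the following sketch shows priority-based load shedding at an origin. It is example code written for this article, not NCSC guidance or any vendor's implementation; the tier names, slot counts and the `soft_ratio` threshold are assumptions, and how a request is classified into a tier (for example, an authenticated management path) is outside its scope.

```python
from collections import Counter

# Hypothetical request tiers (assumed names, not from the NCSC alert).
ADMIN, ESSENTIAL, BEST_EFFORT = "admin", "essential", "best_effort"

class AdmissionController:
    """Decides per request whether to serve, degrade or shed under load."""

    def __init__(self, capacity, admin_reserved, soft_ratio=0.7):
        if not 0 < admin_reserved < capacity:
            raise ValueError("admin_reserved must be between 0 and capacity")
        self.capacity = capacity                    # concurrent requests the origin can handle
        self.shared = capacity - admin_reserved     # slots open to non-admin traffic
        self.soft = int(self.shared * soft_ratio)   # above this, best-effort is shed first
        self.in_flight = Counter()

    def admit(self, tier):
        """Return 'serve', 'fallback' (cheap static response) or 'shed' (HTTP 503)."""
        total = sum(self.in_flight.values())
        non_admin = total - self.in_flight[ADMIN]
        if tier == ADMIN:
            allowed = total < self.capacity         # may use the reserved slots
        elif tier == ESSENTIAL:
            allowed = non_admin < self.shared and total < self.capacity
        else:
            allowed = non_admin < self.soft and total < self.capacity
        if allowed:
            self.in_flight[tier] += 1
            return "serve"
        # Essential services degrade to a static fallback instead of failing.
        return "fallback" if tier == ESSENTIAL else "shed"

    def release(self, tier):
        """Call when a served request completes."""
        if self.in_flight[tier] > 0:
            self.in_flight[tier] -= 1

def simulate_burst(controller, arrivals):
    """Feed a burst in which nothing completes; count (tier, decision) pairs."""
    results = Counter()
    for tier in arrivals:
        results[(tier, controller.admit(tier))] += 1
    return results

if __name__ == "__main__":
    # Constructed burst: a flood of unauthenticated traffic, then real users and operators.
    burst = [BEST_EFFORT] * 20 + [ESSENTIAL] * 4 + [ADMIN] * 3
    ctl = AdmissionController(capacity=10, admin_reserved=2, soft_ratio=0.75)
    for (tier, decision), n in sorted(simulate_burst(ctl, burst).items()):
        print(f"{tier:12s} {decision:9s} {n}")
```

In the constructed burst the flood fills only the best-effort share, essential requests that no longer fit receive the fallback instead of an error, and operators can still log in through the reserved slots.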
This threat represents an increased risk since 2022, with Russian hacktivists targeting organizations in NATO member states and other European countries that have taken a stance against "Russia's geopolitical ambitions." The nature of these attacks highlights the evolving tactics employed by cybercriminals and underscores the importance of vigilance in mitigating such threats.
In conclusion, the ongoing threat posed by Russian-aligned hacktivist groups requires immediate attention from organizations and policymakers alike. Understanding the nature of these attacks and implementing effective countermeasures is essential to protecting critical infrastructure and local government services.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Growing-Threat-of-Russian-Hacktivists-A-New-Era-of-DDoS-Attacks-in-the-UK-ehn.shtml
Published: Mon Jan 19 11:26:50 2026 by llama3.2 3B Q4_K_M