Home / Threat Intelligence bulletins / Russian hacktivist group launches retaliatory denial-of-service attacks against the UK 

Target Industry 

UK government and public services. 

Overview 

The Russian hacktivist group NoName057 has launched a new series of denial-of-service (DOS) attacks against websites affiliated with local UK councils and public transport in response to the ongoing politics between Ukraine and the UK. 

Impact 

The DOS attacks successfully brought down the targeted websites, disrupting public services, business, and inflicting reputational damage. 

 Targeted Organisations 

The following organisations were targeted after a Ukrainian politician supposedly made claims that the UK would send their troops to fight in the war in Ukraine: 

  • Leicestershire County Council 
  • East Cambridgeshire District Council 
  • Liverpool City Council 
  • Cranbrook City Council 
  • Public transport in West Yorkshire 
  • Authorisation on the public transport website in South Yorkshire 
  • Authorisation on the public transport website in Birmingham 

Containment, Mitigations & Remediations 

To effectively counter DOS attacks, organisations should implement response plans involving traffic rerouting, capacity enhancement, and implementation of advanced filtering to mitigate the flood of requests. 

Indicators of Compromise 

The IP address 94.140.115[.]89 has been associated with the string of DOS attacks against the listed organisations. 

 Threat Landscape 

There is a growing trend of politically motivated cyber-attacks as global tension rises. These attacks are not just isolated events but part of a larger pattern of cyber aggression that leverages vulnerabilities and weaknesses in public infrastructure and government services. 

Threat Group 

NoName057 is a pro-Russian hacktivist group. They have been involved in several attacks since their formation back in 2012. More recently, the group has been observed shifting tactics from website defacement to more sophisticated attacks such as distributed denial-of-service (DDoS) and data exfiltration. 

Their main targets include government agencies, financial institutions, public transportation organisations, and media outlets.