The U.K. government is warning of continued malicious activity from Russian-aligned hacktivist groups that are targeting critical infrastructure and local government organizations across the country through disruptive denial-of-service (DDoS) attacks.
Specifically, the attacks aim to take websites offline and disable services, the U.K.’s National Cyber Security Centre (NCSC) says in an alert today. Nevertheless, despite lacking technical sophistication, a DDoS attack can impose significant costs on a targeted organization.
“Although DoS attacks are typically low in sophistication, a successful attack can disrupt entire systems, costing organisations significant time, money, and operational resilience by having to analyse, defend against, and recover from them,” the cyber agency notes.
In particular, the NCSC points to a specific DDoS threat actor: the infamous NoName057(16), a pro-Russian hacktivist group that has remained active since March 2022.
Moreover, the group operates the DDoSia project, a platform that enables volunteers to contribute computing resources to conduct crowdsourced DDoS attacks. In return, participants receive monetary rewards or public recognition from the community.
Law Enforcement Disruption and Rapid Reemergence
In mid-July 2025, an international law enforcement operation dubbed “Operation Eastwood” disrupted NoName057(16)’s activity. Authorities arrested two group members, issued eight arrest warrants, and dismantled 100 servers linked to the operation.
However, because the group’s main operators remain out of reach—believed to be residing in Russia—the cybercriminals quickly resumed activity, as the NCSC’s latest bulletin confirms.
According to the agency, NoName057(16) operates with ideological motivation rather than financial gain and represents an evolving threat. Notably, the group’s activity increasingly affects operational technology (OT) environments. In response, the NCSC has shared a dedicated security guide for OT owners.
NCSC Guidance for Mitigating DDoS Risks
To reduce DDoS risks, the NCSC advises organizations to:
- Understand their services to identify potential resource-exhaustion points and responsibility boundaries.
- Strengthen upstream defenses, including ISP mitigations, third-party DDoS protection, CDNs, and provider-imposed safeguards, and consider redundancy with multiple providers.
- Design for rapid scaling by using cloud auto-scaling or virtualization with spare capacity.
- Define and rehearse response plans that support graceful degradation, adapt to changing attacker tactics, retain administrative access, and ensure scalable fallbacks for essential services.
- Test and monitor continuously to detect attacks early and validate the effectiveness of defenses.
Overall, Russian hacktivists have posed an increased threat since 2022, as these actors continue to target public- and private-sector organizations in NATO member states and other European countries that oppose “Russia’s geopolitical ambitions.”
Source: BleepingComputer, Bill Toulas
Read more at Impreza News
