The network was linked to various attacks in 2023 and 2024, including ones against Swedish authorities and bank websites, and a wave of 14 different attacks on more than 250 German companies.
The UK’s cybersecurity authority is warning local government authorities and critical infrastructure operators of Russian state-aligned hacktivists that are launching denial-of-service attacks in an attempt to trip up services and disable websites.
While the National Cyber Security Centre didn’t name specific incidents behind its Friday alert, it pointed to NoName057(16), a pro-Russian cybercrime network that has previously targeted organizations across NATO member countries. The network was linked to various attacks in 2023 and 2024, including ones against Swedish authorities and bank websites, and a wave of 14 different attacks on more than 250 German companies.
“In particular, the group NoName057(16) has been active since March 2022, and have been conducting attacks against government and private sector entities in NATO member states and other European countries that are perceived as hostile to Russian geopolitical interests,” according to the NCSC in the Friday alert. “These attacks have included frequent DDoS attempts against UK local government.”
According to a 2025 analysis by Recorded Future, the threat group relied on large-scale DDoS attacks through its volunteer-driven DDoSia platform, which allowed it to maintain a “high operational tempo” of 50 targets daily during previous years.
Part of the reason why this advisory is noteworthy is that NoName057(16) was targeted just last year in a global takedown operation by international agencies from 12 different countries - including the U.S. - which resulted in the disruption of the network’s attack infrastructure. The July 2025 operation led to two arrests, 100 servers disrupted, and a major part of the group’s main infrastructure being taken offline.
Rather than financial gain, these types of attacks are driven by ideology, specifically over impacted countries’ support for Ukraine, according to the NCSC. DoS attacks are normally low in sophistication and finite, however, the NCSC said these attacks can have significant cost and operational impacts on organizations.
Organizations should review their DoS protections by pinpointing specific areas in their services where attackers can attempt to overload available services; identify the DoS mitigations that ISPs have in place on their accounts; make sure their service can rapidly scale to deal with attacks that can’t be handled upstream; and create a response plan should a DoS attack occur.
“By overwhelming important websites and online systems, these attacks can prevent people from accessing the essential services they depend on every day,” said NCSC Director of National Resilience Jonathon Ellison in a statement. “All organisations, especially those identified in today’s alert, are urged to act now by reviewing and implementing the NCSC’s freely available guidance to protect against DoS attacks and other cyber threats.”
