The U.K. government has warned that Russian-aligned hacktivist groups are continuing to target critical infrastructure and local government organizations using denial-of-service (DDoS) attacks.
According to the National Cyber Security Centre (NCSC), these attacks aim to take websites offline and disrupt essential online services. While DDoS attacks are usually simple, they can still cause serious damage by forcing organizations to spend time and money on recovery.
The NCSC highlighted a well-known group called NoName057(16), a pro-Russian hacktivist group active since 2022. The group runs a platform called DDoSia, where volunteers lend their computers to launch large-scale attacks in exchange for rewards or online recognition. Even though the attacks are not technically advanced, they can overwhelm systems and stop public services from working.
In July 2025, an international operation named Operation Eastwood disrupted the group by arresting two members, issuing eight arrest warrants, and shutting down around 100 servers. However, the main leaders are believed to be in Russia, beyond the reach of law enforcement. As a result, the group has resumed attacks, and the NCSC says the threat is now also affecting industrial and operational technology systems.
To reduce risk, the NCSC advises organisations to strengthen their defences using internet providers, DDoS protection services, and content delivery networks. They should design systems that can quickly scale during attacks, create and practice response plans, and regularly test their security.
Since 2022, Russian-aligned hacktivists have increasingly targeted NATO countries and European states that oppose Russia’s geopolitical actions, making this an ongoing and growing cyber threat.





