A pro-Russian hacking group has claimed to have successfully targeted a range of UK websites, including local councils and the Association for Police and Crime Commissioners, during a three-day campaign.
In a series of social media posts, the group calling itself NoName057(16) suggested it had made a number of websites temporarily inaccessible, although it is understood the attacks were not wholly successful.
The hackers sought to flood a range of websites with internet traffic in what is known as a distributed denial-of-service (DDoS) attack. The group wrote on X: “Britain is invested in the escalation of the [Ukraine] conflict, and we are disconnecting its resources.”
Its success was limited, however, with councils in Blackburn and Darwen and Exeter among those reporting that their websites were unaffected despite the hacking group’s claims of success.
A number of other allegedly targeted organisations, including the Association for Police and Crime Commissioners, Harwich International Port, and Cardiff city council were unavailable for comment.
Where websites did temporarily become inaccessible due to the sudden surge of traffic, they were back operating within hours, officials said.
A spokesperson at Arun district council said: “We can confirm that we did experience problems with our website [on Tuesday morning] starting around 7.15am, our website was fully operational by 11.30am. We are aware of the claims made on X and continue to investigate.”
The National Highways said they had also faced a DDoS attack but that the website would soon be operating as normal.
The attack is a rerun of an attempt made last October to disrupt the websites of half a dozen councils. It did not put at risk the data of users or residents but disabled the websites for a short period as they were swamped by traffic.
The National Cyber Security Centre (NCSC) said at the time that the agency had “provided guidance” to affected local authorities. “Whilst DDoS attacks are relatively low in sophistication and impact, they can cause disruption by preventing legitimate users from accessing online services,” it said.
Since its launch in 2022, NoName057(16) has used such attacks to disrupt the running of a range of Ukrainian, European and American government agencies and media outlets. In January 2023, it targeted the websites of Czech presidential candidates in a first attempt to attack political figures.
Research published last summer by the cybersecurity company Bridewell found that 63% of businesses in the government sector had experienced a ransomware attack over the past 12 months. The National Audit Office warned in January that the “cyber threat to UK government is severe and advancing quickly”.
The NCSC was forced to issue new guidance this week after a spate of cyber-attacks on retailers that appear to have been made possible through criminals impersonating IT help desks. They include attacks on Marks & Spencer, Co-op and Harrods.
The criminals had targeted IT help desks to change passwords and reset authentication processes as they sought to gain access to systems.
Of the attacks on retailers, the NCSC said it was “not yet in a position to say if they are linked, if this is a concerted campaign by a single actor or whether there is no link between them at all”.
