A Russian-aligned hacking group named NoName057(16) has launched a wave of cyberattacks on UK websites over a three-day period. The group targeted local government sites and public bodies using distributed denial-of-service (DDoS) attacks aimed at knocking services offline. The attacks, which started earlier this week, were in response to what the group called the UK’s continued support for Ukraine. Most targeted websites recovered quickly, with little damage reported.
Pro-Russian Hackers Target Local Councils
The cyber group announced the attacks on the platform X, formerly Twitter. They claimed responsibility for hitting the Association for Police and Crime Commissioners, along with local councils in Exeter and Blackburn with Darwen. Their message accused the UK of “escalating the Ukraine conflict” and warned of further digital disruptions.
The hackers used DDoS tactics, which overload websites by sending huge volumes of traffic. This kind of attack is simple but can prevent the public from accessing services.
Quick Response Limits Damage
Despite the hackers’ claims, the real-world impact was limited. Councils confirmed that key services stayed online or were restored quickly. Exeter City Council said it had no major service disruptions. Arun District Council, which also experienced downtime, said its systems were fully back online within hours.
National Highways, which manages England’s roads, also reported a cyberattack attempt but said its website was returning to normal by the end of the day.
Not the First Attack
This isn’t the first time UK councils have faced this type of threat. In October 2023, several local websites were temporarily shut down by similar DDoS attacks. Like now, those incidents caused short-term issues but did not result in stolen data or long-term problems.
The National Cyber Security Centre (NCSC) said that while DDoS attacks are not highly complex, they can still block access to digital tools that people rely on daily. The agency warned that even low-skill attacks can disrupt important public services.
Growing Cybersecurity Concerns in the UK
NoName057(16) has been active since 2022 and is known for targeting Ukraine and its allies. In early 2023, it disrupted campaign websites during the Czech presidential election. The group has focused on politically symbolic targets, often tied to countries that support Ukraine.
Meanwhile, UK government bodies face wider threats. A report from cybersecurity firm Bridewell found that 63% of public sector organizations suffered ransomware attacks in the last 12 months. These attacks often involve locking systems until a ransom is paid.
The National Audit Office has also raised alarms about the growing risk, calling the situation “severe and rapidly advancing.”
Retailers Also Under Fire
In addition to public services, UK businesses have also been hit. Retail giants like Marks & Spencer, Harrods, and Co-op recently faced a new kind of cyberattack. Hackers posed as IT staff to gain access to company systems.
The NCSC issued updated guidance to help businesses protect against such “social engineering” attacks, where criminals trick employees into handing over login details.
At this point, officials have not confirmed whether these retail attacks are linked to the same campaign as the DDoS attacks, but investigations are ongoing.
UK Faces Ongoing Cyber Pressure
The recent wave of attacks highlights the growing risk of state-aligned hackers and cybercrime networks. While damage from this specific campaign was limited, the message is clear: public services and businesses must prepare for more attacks in the future.
Cybersecurity experts urge local councils, companies, and government bodies to boost digital defenses and run regular training for employees. As threats increase, resilience will be key to keeping public systems online and secure.