**Pro-Russian Denial-of-Service Attacks Target UK, NCSC Warns**

The National Cyber Security Centre (NCSC), part of the UK's GCHQ intelligence, security, and cyber agency, has issued a warning about the threat posed by distributed denial-of-service (DDoS) attacks from Russia-linked hacking groups. These groups have been reported to be continuing their efforts to target British organisations, causing disruption to online services and critical infrastructure.

According to the NCSC alert, Russian-aligned hacktivist groups are behind these attacks, which are driven by ideology rather than financial gain. The motivation behind these attacks is believed to stem from perceived Western support for Ukraine, with the hackers operating outside of direct state control. Unlike many cyber attacks, these DDoS attacks do not appear to be financially motivated.

One of the most obvious symptoms of a basic denial-of-service attack is that a website becomes inaccessible due to unwanted traffic flooding it, making it impossible for legitimate users to access the resource. However, such attacks can have numerous other side effects on organisations, including:

  • Causes significant disruption to IT systems
  • Results in substantial time and money costs as organisations attempt to respond or recover

The NCSC is urging at-risk organisations to review their defences and harden their resilience to attacks. They are also encouraging owners of operational technology (OT) - the hardware and software that monitors and controls industrial equipment and physical systems commonly used in critical sectors such as manufacturing, transportation, and energy - to follow recommended mitigation advice to harden their cyber defences.

As Jonathon Ellison, director of National Resilience at the NCSC, noted: "By overwhelming important websites and online systems, these attacks can prevent people from accessing the essential services they depend on every day. All organisations, especially those identified in today’s alert, are urged to act now by reviewing and implementing the NCSC’s freely available guidance to protect against DoS attacks and other cyber threats."

These warnings come after a series of DDoS attacks were reported in December 2025 targeting critical infrastructure organisations in the water, food, and energy sectors. The groups behind these attacks included Cyber Army of Russia Reborn (CARR), Z-Pentest, NoName057(16), and Sector16.

Organisations looking to become more resilient against DDoS attacks can take the following steps:

  • Review their defences regularly
    • li>Implement measures to harden their cyber defences
  • Familiarise themselves with the NCSC’s freely available guidance on protecting against DoS attacks and other cyber threats

The threat posed by these DDoS attacks highlights the need for organisations to prioritise their online security, especially in the face of evolving threats from Russia-linked hacking groups. By taking proactive steps to harden their defences and prepare for potential attacks, organisations can reduce the risk of disruption and protect against the significant costs associated with responding to or recovering from a DDoS attack.