Pro-Russia Hacktivist Group NoName057(16) Targets Dutch Organizations with Large-Scale DDoS Attacks

The Netherlands has become the latest target of a pro-Russian hacktivist group, as several Dutch and European organizations faced large-scale Distributed Denial of Service (DDoS) attacks. The country's National Cyber Security Center (NCSC) has warned that these attacks are being launched by Pro-Russia hacktivists, specifically the NoName057(16) group.

According to the NCSC, multiple Dutch and European organizations have been targeted with large-scale DDoS attacks, with some claims of responsibility from the NoName057(16) group. The group claimed that these attacks are part of a larger campaign targeting organizations across both public and private sectors.

The Motive Behind the Attacks

According to the NCSC, the NoName057(16) group has stated that the DDoS attacks are in response to military aid sent by the Netherlands to Ukraine. The group claims that the attacks are a form of revenge for the €6 billion in military aid provided by the Netherlands to Ukraine in February, with plans to allocate an additional €3.5 billion in 2026.

The group also mentioned that the Netherlands' decision to cut the education and research budget by €1.2 billion was a factor in their decision to target Dutch organizations.

Impact of the Attacks

This week, Pro-Russia hacktivist group NoName057(16) called to action against Dutch organizations and claimed multiple successful attacks. The attacks have disrupted at least 19 municipal and provincial websites in the Netherlands, affecting regions like Groningen and cities like Breda.

Example of a Successful Attack

An example of a successful attack can be seen on the website of the province of Groningen, which is currently not accessible due to a DDoS attack. The website stated that they are working hard to find an solution and that telephone support is available.

The Activity of NoName057(16)

NoName057(16) has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. The group uses multiple tools to carry out their attacks, including the Bobik botnet, which was observed by Avast researchers in September 2022.

The group tends to operate in waves, escalating attacks during geopolitical tensions, such as increased military or diplomatic support for Ukraine by other nations. This is evident in January, when Pro-Russia hackers Noname057(16) targeted Italian ministries, institutions, critical infrastructure's websites and private organizations over the weekend.

Italian Web Sites Targeted

NoName057(16) hackers also hit Italian banks, including Intesa, Monte Paschi di Siena, and Italian ports of the cities of Taranto and Trieste. The group targeted private organizations, including Vulcanair and Olidata.

The Pro-Russia hacktivists also targeted several Italian web sites, including Malpensa and Linate airports, in a new DDoS campaign amid rising geopolitical tensions at the end of December.

Conclusion

In conclusion, the recent DDoS attacks on Dutch organizations by the NoName057(16) group highlight the ongoing threat posed by pro-Russian hacktivists. As the situation continues to unfold, it is essential for organizations and individuals to stay vigilant and take necessary precautions to protect themselves from these types of attacks.