NoName057(16): The Pro-Russian Hackers on the Rampage
Pro-Russian cybercriminals orchestrated a digital attack, successfully shutting down Stuttgart's official website. - Russian supporters took down Stuttgart's digital platform.
Get ready to meet NoName057(16), a notorious pro-Russian hacking crew known for pulling off distributed denial of service (DDoS) attacks. Active since March 2022, these digital vandals have been targeting cities in nations backing Ukraine in its conflict with Russia, leaving chaos in their wake.
Origin and Motives
Drawing inspiration from geopolitical tensions, NoName057(16) strategically strikes at moments of increased military or diplomatic support for Ukraine. Armed with tools like the Bobik botnet, they've been wreaking havoc on organizations worldwide, with a special focus on government and critical infrastructure entities [2][5].
Past Transgressions in Germany
NoName057(16) has made their presence felt in Germany, targeting major organizations in response to political moves. One example is Chancellor Friedrich Merz's plans to send Taurus cruise missiles to Ukraine, leading them to attack entities like Bayerische Landesbank, BayWa AG, COBUS Industries, Aluminium Rheinfelden Alloys, and even city websites in Hanover, Düsseldorf, Leipzig, Berlin, Frankfurt am Main, and Cologne [1].
Global Impact
Their global rampage hasn't stopped there. NoName057(16) has also targeted Italy, launching DDoS attacks against ministries, institutions, critical infrastructure, and private organizations, such as Intesa, Monte Paschi di Siena, and Italian ports [2]. The group even went after at least 19 municipal and provincial websites in regions like Groningen, and cities like Breda in the Netherlands [2].
Energy and nuclear sectors have also been in their crosshairs, with DDoS attacks on Framatome, a French nuclear reactor company, and Belgian nuclear reactors at Doel and Tihange [5].
Recent Attacks on German City Administrations
The group's recent focus seems to be on German city administrations, likely due to Germany's support for Ukraine. They've been targeting the websites of major German cities like Hanover, Düsseldorf, Leipzig, Berlin, Frankfurt am Main, and Cologne, as part of a broader campaign against organizations perceived as backing Ukraine [1].
The latest victim? The city of Stuttgart, whose administration's website was taken down last week, allegedly by NoName057(16). The city took down the site due to a DDoS attack at the end of April, making it unavailable for some time [Unclear source]. Similar attacks have been reported in Dresden and Berlin, causing disruptions for several days [Enrichment data not identified in base article].
While city Ellwangen also reported a cyberattack on April 24, there's no evidence linking it to NoName057(16) [Enrichment data not identified in base article].
In the face of these relentless cyberattacks, it's clear that NoName057(16) is a force to be reckoned with, exploiting geopolitical tensions to sow digital chaos worldwide. Stay tuned for more updates and strategies to stay safe in this digital battlefield.
- The community policy should address the increasing digital threats, such as those posed by pro-Russian hacking crews like NoName057(16), including DDoS attacks on city administrations and critical infrastructure entities.
- Employment policies in technology sectors need to prioritize cybersecurity measures to protect against digital vandals like NoName057(16), who have targeted organizations worldwide, including in Germany (Hanover, Düsseldorf, Leipzig, Berlin, Frankfurt am Main, and Cologne) and other countries like Italy and the Netherlands.
- Political leaders and governments should consider implementing stronger cybersecurity strategies to safeguard their cities and critical infrastructure from groups like NoName057(16), whose motives are linked to geopolitical tensions, as shown in their attacks on organizations supporting Ukraine.
- News outlets should report on cybersecurity issues related to global politics, including DDoS attacks by groups like NoName057(16), to inform the public about such threats and raise awareness of the need for enhanced cybersecurity measures.
- The general-news sector must remain vigilant and offer comprehensive coverage of cybercrime-and-justice cases, such as the activities of NoName057(16) and similar pro-Russian hacking crews, to foster broader understanding of the digital battlefield and help protect communities from these malicious actors.
