Article Details
Scrape Timestamp (UTC): 2025-05-01 20:09:33.470
Original Article Text
Click to Toggle View
Pro-Russia hacktivists bombard Dutch public orgs with DDoS attacks. Russia-aligned hacktivists persistently target key public and private organizations in the Netherlands with distributed denial of service (DDoS) attacks, causing access problems and service disruptions. The situation was acknowledged via a statement by the country's National Cyber Security Center (NCSC), part of the Dutch Ministry of Justice. "This week, several Dutch organizations have been targeted by large-scale DDoS attacks," reads the NCSC announcement. "The DDoS attacks are directed at both Dutch and other European organizations. Within the Netherlands, both public and private entities are being attacked." The NCSC noted that the attacks were claimed by the hacktivist group named NoName057(16) on the threat actor's Telegram channel. Although the NCSC said the threat actor's motive is unclear, NoName057(16) declared it was retribution for the Netherlands sending €6 billion in military aid to Ukraine and planning to allocate another €3.5 billion in 2026. The threat group's latest message on Telegram from yesterday indicates that the attacks continue. According to local media outlets, the DDoS attacks have impacted the provinces of Groningen, Noord-Holland, Zeeland, Drenthe, Overijssel, Noord-Brabant, and the municipalities of Apeldoorn, Breda, Nijmegen, and Tilburg. The online portals of these public organizations were reportedly unreachable for several hours this week, though according to officials, there has been no compromise of internal systems or data. NoName057(16) is a threat actor that, since March 2022, has had significant involvement in numerous DDoS attacks targeting European and American organizations. The threat group even launched a crowdsourced DDoS platform called 'DDoSIA' where "volunteers" would get paid to lend their firepower in attacks. The platform became very successful, recruiting thousands of users in under a year and launching multiple disruptive attacks on Western entities. In July 2024, the Spanish authorities arrested three members of DDoSIA and seized their devices for further investigation. However, there was no significant follow-up in the operation, and the leaders of the threat group have not been named or indicted yet, and so the DDoS attacks continue. Top 10 MITRE ATT&CK© Techniques Behind 93% of Attacks Based on an analysis of 14M malicious actions, discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them.
Daily Brief Summary
Pro-Russia hacktivists continue to target Dutch public and private organizations with DDoS attacks, disrupting accessibility and service provision.
The Dutch National Cyber Security Center (NCSC) confirmed that multiple organizations in the Netherlands and other European countries experienced large-scale DDoS attacks.
The NCSC revealed that the attacks were carried out by a hacktivist group known as NoName057(16), which claimed the actions were in retaliation for Dutch military aid to Ukraine.
The group publicly asserted that its attacks were a response to the Netherlands' financial support to Ukraine, involving €6 billion previously and an additional planned €3.5 billion by 2026.
Attacks have significantly impacted various Dutch regions including Groningen and Noord-Holland, affecting the online services of many municipalities and provinces.
Despite the disruptions, there were no reported data breaches or internal system compromises within the targeted organizations.
The DDoS campaign is part of ongoing activities by NoName057(16), which also runs a crowdsourced DDoS platform called 'DDoSIA', noted for its rapid recruitment and extensive reach in targeting Western organizations.