A new warning has been issued over continued disruptive cyber-attacks against UK organizations, with local government bodies and operators of critical national infrastructure remaining key targets. Russian-aligned hacktivist groups are continuing to target UK and global organizations by attempting to disrupt operations, take websites offline and disable services. The activity is largely focused on denial-of-service (DoS) attacks intended to overwhelm websites and online systems, preventing access to essential services.[1]
The alert, published today by the UK National Cyber Security Centre (NCSC), part of GCHQ, highlights ongoing campaigns by Russian state-aligned hacktivist groups and urges organizations to review defenses and strengthen cyber resilience. Although DoS attacks are typically low in technical sophistication, the NCSC said their impact can be significant. Successful attacks can disrupt entire systems, consume time and resources during recovery, and damage operational resilience. Even short outages may prevent citizens from accessing services they rely on.
A Warning Against Pro-Russian Hacktivist Groups - In December 2025, the NCSC co-sealed an advisory with international partners, warning that pro-Russian hacktivist groups have been conducting cyber operations worldwide against government bodies, private-sector organizations and multiple critical infrastructure sectors. One group highlighted was NoName057(16), which has been active since March 2022 and has carried out frequent DDoS attempts against the UK local government, as well as attacks across NATO member states and other European countries perceived as hostile to Russian geopolitical interests. The group primarily operates through Telegram channels and has used platforms such as GitHub to host its DDoSia tool and share tactics and techniques with supporters.
Gary Barlet, Public Sector CTO at Illumio, said the broader risk environment makes disruption likely to increase. "Modern supply chains and critical infrastructure are deeply interconnected, making disruption easier than ever. Hacktivists have successfully targeted essential services across Europe for years, and with rising geopolitical tensions in 2026, these attacks are likely to escalate."
Read more on cyber resilience: Securing AI for Cyber Resilience: Building Trustworthy and Secure AI Systems.[2]
The NCSC noted that the attacks are ideologically motivated rather than financially driven, linked to perceived Western support for Ukraine. This is not the first time the agency has warned of such activity. In 2023, it published an alert following Russia's invasion of Ukraine, highlighting the growing risk from state-aligned adversaries and an evolution in threats targeting UK operational technology. The agency recommends that organizations review their DoS protections, improve resilience and engage with its heightened cyber threat collection.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.infosecurity-magazine.com/news/russia-cyber-pressure-uk-orgs/
[2] https://www.infosecurity-magazine.com/blogs/securing-ai-for-cyber-resilience/
Comments