A new warning has been issued over continued disruptive cyber attacks against UK organisations, with local government bodies and operators of critical national infrastructure remaining key targets.
Russian-aligned hacktivist groups are continuing to target UK and global organisations by attempting to disrupt operations, take websites offline and disable services.
The activity is largely focused on denial-of-service (DoS) attacks intended to overwhelm websites and online systems, preventing access to essential services.
The alert, published today by the UK National Cyber Security Centre (NCSC), part of GCHQ, highlights ongoing campaigns by Russian state-aligned hacktivist groups and urges organisations to review defences and strengthen cyber resilience.
Although DoS attacks are typically low in technical sophistication, the NCSC said their impact can be significant. Successful attacks can disrupt entire systems, consume time and resources during recovery, and damage operational resilience. Even short outages may prevent citizens from accessing services they rely on.
A Warning Against Pro-Russian Hacktivist Groups
In December 2025, the NCSC co-sealed an advisory with international partners, warning that pro-Russian hacktivist groups have been conducting cyber operations worldwide against government bodies, private-sector organisations and multiple critical infrastructure sectors.
One group highlighted was NoName057(16), which has been active since March 2022 and has carried out frequent DDoS attempts against the UK local government, as well as attacks across NATO member states and other European countries perceived as hostile to Russian geopolitical interests.
The group primarily operates through Telegram channels and has used platforms such as GitHub to host its DDoSia tool and share tactics and techniques with supporters.
Gary Barlet, Public Sector CTO at Illumio, said the broader risk environment makes disruption increasingly likely. "Modern supply chains and critical infrastructure are deeply interconnected, making disruption easier than ever. Hacktivists have successfully targeted essential services across Europe for years, and with rising geopolitical tensions in 2026, these attacks are likely to escalate."
The NCSC noted that the attacks are ideologically motivated rather than financially driven, linked to perceived Western support for Ukraine. This is not the first time the agency has warned of such activity. In 2023, it published an alert following Russia's invasion of Ukraine, highlighting the growing risk from state-aligned adversaries and an evolution in threats targeting UK operational technology.
The agency recommends that organisations review their DoS protections, improve resilience and engage with its heightened cyber threat collection.