Pro-Russian hacker group targets critical infrastructure and public services

(Image credit: Shutterstock) (Image credit: Shutterstock)

NoName057 continue DDoS attacks against Taiwanese targets
Multiple sectors and critical infrastructure were hit by the attacks
No significant disruption was noted, and many services were restored

In an apparent escalation of recent cyber warfare, Taiwan’s government and major corporations have been targeted by a second wave of Distributed Denial of Service (DDoS) attacks by the pro-Russian hacker group NoName057.

These attacks, which began in early September 2024 and surged again in early October, have affected a wide range of companies including several high-tech firms and critical infrastructure organizations.

The most recent wave of attacks occurred from October 5 to 6, affecting several major companies such as Formosa Plastics, Wistron, and United Microelectronics, all of whom reported their websites were targeted by DDoS attacks, but were quick to restore services and resume normal operations.

Widespread targets

This second wave of DDoS attacks appears to be a continuation of earlier cyber incidents that occurred in September 2024. NoName057 has aggressively targeted Taiwan, claiming responsibility for multiple cyber-attacks. These attacks have also expanded beyond the corporate sector to include essential public services and government entities.

According to NoName057, targets over the first weekend of October included municipal governments, public offices, judicial units, and airports such as Taoyuan International and Songshan Airports. Furthermore, the group claimed attacks on key government databases, including the National Legal Database, showcasing the hackers’ intent to disrupt critical infrastructure in Taiwan.

Although not all organizations have officially disclosed that they were targeted, there were clear signs of disruption. Companies and organizations such as IC design company Shichi, various judicial units and Shixin-KY were also hit by the attack. However, by the evening of October 7, Shixin-KY announced that its website was functioning normally again.

These attacks are not isolated incidents, as NoName057 has a long history of launching cyber-attacks against governments and enterprises across various countries, including Ukraine, France, Lithuania and Czechia.

Before its October attacks on Taiwan, the group targeted Austria and Israel, emphasizing the widespread nature of their malicious activities. Their attacks are usually aimed at disrupting essential services, including government websites, public utilities, and financial institutions.

In 2022, during the visit of U.S. House Speaker Nancy Pelosi to Taiwan, a similar wave of DDoS attacks hit government departments and private companies alike. Likewise, Taiwan’s hosting providers experienced substantial disruption in 2020 due to cyber-attacks, and in 2017, several brokerage websites faced significant downtime due to similar DDoS activities.

Via ITHome

New method for phishing discovered for Android and IPhone users
Here's a list of the best firewalls today
These are the best endpoint protection tools right now

Efosa has been writing about technology for over 7 years, initially driven by curiosity but now fueled by a strong passion for the field. He holds both a Master's and a PhD in sciences, which provided him with a solid foundation in analytical thinking. Efosa developed a keen interest in technology policy, specifically exploring the intersection of privacy, security, and politics. His research delves into how technological advancements influence regulatory frameworks and societal norms, particularly concerning data protection and cybersecurity. Upon joining TechRadar Pro, in addition to privacy and technology policy, he is also focused on B2B security products. Efosa can be contacted at this email: udinmwenefosa@gmail.com