We value your privacy

We use cookies to enhance your browsing experience and analyze traffic anonymously for internal statistical purposes. By clicking “Accept all,” you consent to the use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site.... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

  • Cookie
    cookieyes-consent
  • Duration
    1 year
  • Description

    CookieYes sets this cookie to remember users' consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about site visitors.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

  • Cookie
    language
  • Duration
    1 anno
  • Description

    This cookie is used to store the user's language preference.

  • Cookie
    post_viewed_
  • Duration
    1 ora
  • Description

    This cookie prevents a single visit to an article from being counted multiple times when the page is refreshed.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

  • Cookie
    _ga_*
  • Duration
    1 anno 1 mese 4 giorni
  • Description

    Google Analytics sets this cookie to count visitors to the page

  • Cookie
    _ga
  • Duration
    1 anno 1 mese 4 giorni
  • Description

    Google Analytics sets this cookie to calculate visitor, session, and campaign data and track site usage for site analytic reporting. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

News

NoName057: the pro-Russian Group under the spotlight

The DDoS attacks on Italian institutions and companies highlight a growing threat from the pro-Russian hacktivist group NoName057, which emerged in March 2022. Openly supporting the Russian Federation, the group uses DDoS attacks as tools of propaganda and sabotage against Moscow's geopolitical adversaries, targeting websites of institutions, businesses, and critical infrastructure across Europe.

The pro-Russian group

29 January 2025

Table of contents

  • Who are NoName057 
  • How NoName057 operates 
  • Recent actions: Italy in the crosshairs 
  • Connections with other groups and future strategies 
  • The necessary response 

This article explores the hacker group NoName057, analyzing who they are, how they operate, and their recent activities that have alarmed national cyber security authorities. 

DDoS (Distributed Denial of Service) attacks conducted against Italian institutions and companies highlight a growing threat from these pro-Russian hacktivist groups, making it crucial to understand their modus operandi to defend computer systems. 

Who are NoName057 

NoName057, also known as NoName057 DDoS, is a group of pro-Russian activists that emerged in the realm of cyberattacks in March 2022

The group has openly declared its support for the Russian Federation and uses its attacks as tools of propaganda and sabotage against Moscow’s geopolitical adversaries. 

Since their debut, NoName057 has stood out for their frequent use of DDoS attacks, targeting websites of institutions, companies, and critical infrastructure in Europe. 

How NoName057 operates 

The group primarily uses DDoS (Distributed Denial of Service) attacks, which overwhelm the target websites’ servers with massive volumes of traffic generated by botnets. 

These attacks aim to render websites inaccessible, causing disruptions and reputational damage. Recent targets include Italian institutional websites, such as the Guardia di Finanza portal, the Ministry of Labor site, and the Constitutional Court website. 

According to cyber threat intelligence analyses, the group uses underground channels to coordinate operations and disseminate target lists, often providing real-time updates on the effectiveness of their attacks. 

Recent actions: Italy in the crosshairs 

In recent days, NoName057 has intensified its activities, targeting several Italian institutions for the second consecutive day. Among the targets were the websites of the ports of Trieste and Taranto, the Air Force, the Navy, the National Recovery and Resilience Plan (PNRR) portal, several banks like BPER, and even the High Council of the Judiciary.

These attacks were claimed by the group through their communication channels and confirmed by cyber threat intelligence sources

Some of the most affected websites include: 

  • concorsi.gdf.gov.it 
  • www.aeronautica.difesa.it 
  • www.bper.it 
  • www.mimit.gov.it 

Currently, many of these sites remain offline, demonstrating the effectiveness of the attacks and the challenges in managing national cyber security

The pro-Russian group

Connections with other groups and future strategies 

NoName057 appears to collaborate with other hacker groups and has recently launched a platform called DDosia, allowing affiliated individuals to actively participate in attacks in exchange for rewards.

This evolution in their operational model underscores a well-structured strategy to expand their reach and amplify the impact of their actions. 

The necessary response 

The recent attacks have raised questions about the preparedness level of Italian infrastructures, particularly in light of the new NIS2 directives. While formal security measures seem to be in place, actions by groups like NoName057 show that much work remains to be done to prevent such incidents.

The adoption of advanced monitoring tools and the implementation of mitigation measures must become priorities across all sectors. 

Questions and answers 

  1. Who are NoName057?
    A group of pro-Russian hackers known for conducting DDoS attacks against institutional and corporate websites. 
  2. What does NoName057 DDoS mean?
    It refers to the group’s main strategy, namely DDoS (Distributed Denial of Service) attacks. 
  3. When did they first appear?
    The group has been active since March 2022, with actions aimed at supporting the Russian Federation. 
  4. What are their main targets?
    Institutions, critical infrastructure, and companies in countries opposing Russia. 
  5. What is their connection with other collectives?
    They collaborate with other activist groups, using platforms like DDosia to expand their operations. 
  6. Which Italian institutions have they recently targeted?
    Portals such as those of the Guardia di Finanza, Ministry of Labor, and Air Force. 
  7. What is a DDoS attack?
    A cyberattack that overwhelms a site or network, rendering it inaccessible. 
  8. What are underground channels?
    Online platforms used by NoName057 to plan attacks and share information. 
  9. Why are they considered a threat?
    Due to their ability to target strategic objectives and cause significant disruptions. 
  10. What is the impact of the NIS2 directives?
    The directives aim to improve infrastructure security, but recent attacks highlight gaps that need to be addressed. 
59
To top