Pro-Russian hacker group targets critical infrastructure and public services
- NoName057 continues DDoS attacks on Taiwanese targets
- Multiple sectors and critical infrastructure were affected by the attacks
- No significant disruption was noted and many services were restored
In an apparent escalation of the recent cyber war, the Taiwanese government and major companies have become the target of a second wave of Distributed Denial of Service (DDoS) attacks by the pro-Russian hacker group NoName057.
These attacks, which began in early September 2024 and flared up again in early October, have affected a wide range of companies, including several high-tech companies and organizations with critical infrastructure.
The most recent wave of attacks took place from October 5 to 6 and affected several major companies, such as Formosa Plastics, Wistron and United Microelectronics, all of which reported that their websites were targeted by DDoS attacks, but quickly restored services and returned to normal resume activities. .
Widespread targets
This second wave of DDoS attacks appears to be a continuation of previous cyber incidents that occurred in September 2024. NoName057 has aggressively attacked Taiwan and claimed responsibility for multiple cyber attacks. These attacks have also expanded beyond businesses to include essential public services and government agencies.
According to NoName057, targets for the first weekend of October included municipal governments, public offices, judicial units and airports such as Taoyuan International and Songshan Airports. Additionally, the group claimed attacks on key government databases, including the National Legal Database, demonstrating the hackers’ intent to disrupt critical infrastructure in Taiwan.
Although not all organizations officially announced that they had been targeted, there were clear signs of disruption. Companies and organizations such as IC design company Shichi, various judicial units and Shixin-KY were also affected by the attack. However, by the evening of October 7, Shixin-KY announced that its website was functioning normally again.
These attacks are not isolated incidents, as NoName057 has a long history of launching cyber attacks against governments and companies in several countries, including Ukraine, France, Lithuania and the Czech Republic.
Before the attacks on Taiwan in October, the group targeted Austria and Israel, highlighting the widespread nature of their malign activities. Their attacks usually aim to disrupt essential services, including government websites, public utilities, and financial institutions.
In 2022, during US Speaker of the House of Representatives Nancy Pelosi’s visit to Taiwan, a similar wave of DDoS attacks affected both government agencies and private companies. Similarly, Taiwan’s hosting providers experienced significant disruptions in 2020 due to cyber attacks, and in 2017 several brokerage websites faced significant downtime due to similar DDoS activity.
Via ITHome