"Canadian Government Targeted With DDoS Attacks by Pro-Russia Group"

The pro-Russian cybercrime group named NoName057(16) has recently been observed launching distributed denial-of-service (DDoS) attacks against Canadian organizations.  Since March 2022, the threat actor, also known as NoName05716, 05716nnm, or Nnm05716, has been launching disruptive attacks supporting Russia’s invasion of Ukraine.  According to the Canadian Centre for Cyber Security, the group has targeted financial, government, military, media, supply, telecoms, and transportation organizations in Ukraine and NATO-associated targets, including the Czech Republic, Denmark, Estonia, Lithuania, Norway, and Poland.  Since September 13, 2023, the Cyber Centre has been aware and responding to reports of several distributed denial of service (DDoS) campaigns targeting multiple levels within the Government of Canada, as well as the financial and transportation sector.  The Cyber Centre noted that NoName057(16) uses a botnet to target the web servers of victim organizations and then boasts about its malicious activities.  Canadian organizations are advised to review systems to identify potential DDoS activity, review and proactively implement DDoS protections, review the US CISA’s guidance on mitigating DDoS attacks, improve internet gateways’ monitoring and protections, isolate web-facing applications, and report NoName057(16)-suspected DDoS attacks to the Cyber Centre.

SecurityWeek reports: "Canadian Government Targeted With DDoS Attacks by Pro-Russia Group"