Pro-Russian cybercriminals, identified as the NoName057 (16) group, executed a series of distributed denial-of-service (DDoS) attacks on Dutch ports, impacting websites for hours to days. The attacks were reportedly a reaction to the Netherlands’ intent to purchase Swiss tanks for Ukraine. The affected ports include Groningen, Amsterdam, Rotterdam, and Den Helder, with websites becoming temporarily unreachable. Despite the disruptions, essential shipping handling systems were not compromised, underlining the robustness of these critical infrastructure components.
The NoName057 (16) group, characterized as hacktivists, emerged in the aftermath of the Russian invasion, targeting entities that oppose Russian interests. Operating with a focus on achieving political goals, they have previously attacked the banking sector, defense industry suppliers, and logistics companies in NATO member states. The group utilizes amateur tools but remains effective in achieving its primary objective of garnering attention through successful website takedowns. On Telegram channels, they boast about their exploits, citing motives tied to geopolitical events.
While the Port of Rotterdam Authority identified the attacks as the work of a Russian group, with origins traced to Russian and Serbian IP addresses, the damage was limited to website unavailability. A spokesperson emphasized that, although crucial for public information, the websites are not indispensable for the port’s core functions. The attacks underline the heightened cyber threats faced by critical infrastructure, necessitating ongoing vigilance and security measures to protect against potential disruptions.
