On the eve of local and regional elections in Denmark, the websites of several of the country’s political parties became the targets of a cyberattack. The attack was quickly claimed by a pro-Russian hacker group, NoName057(16), via social media, which stated it was specifically targeting the sites of multiple Danish political entities and the public broadcaster, DR. An AFP journalist noted that on Monday morning, the websites for the Conservatives and the Red-Green Alliance were briefly rendered unavailable, indicating the immediate impact of the claimed actions.
The disruption extended beyond political parties, also affecting The Copenhagen Post, an online newspaper that provides Danish news in English. The publication informed its readers through Instagram that its website was currently displaying a “502 – Bad Gateway” error message. The newspaper further explained that the Danish Defence Intelligence Service had communicated to them that the most probable cause was a Distributed Denial of Service (DDoS) attack, suggesting that their coverage of the November 18 local elections had made them a specific target for the hackers.
DDoS attacks operate by overwhelming a website’s servers with a massive amount of traffic, thereby preventing legitimate users from accessing the site and effectively halting operations. While the hacker group explicitly mentioned targeting the public broadcaster DR, the organization reported that no incidents had been registered that in any way affected its ability to operate normally. This suggests the impact of the attack was not uniformly successful across all claimed targets.
The incident follows a similar pattern of recent activity. Just the week before, the same pro-Russian hacker group had taken responsibility for cyberattacks directed against various Danish municipalities, official government websites, and a defense company. This pre-election cyber activity aligns with earlier risk assessments conducted by Denmark’s intelligence services, establishing a context for the ongoing security concerns.
In early November, ahead of the local elections, Denmark’s intelligence service published a risk analysis that assigned a high likelihood to the occurrence of cyberattacks. The service specifically stated that it was probable that groups of pro-Russian hackers would carry out DDoS attacks against websites linked to the elections, essentially predicting the nature of the event that unfolded. The military intelligence service confirmed to AFP that the country’s civil protection unit was closely monitoring the situation, though the civil protection unit itself did not immediately respond to a request for further comment.
Reference:
