Pro-Russian Hackers Disrupt Danish Political Websites Ahead of Local Elections
Pro-Russian hackers launched distributed denial-of-service (DDoS) attacks on Monday, temporarily taking offline multiple Danish political party and government websites just hours before local elections. The affected sites included those of the Conservatives, the Red-Green Alliance, the Moderates, and the ruling Social Democrats, as well as The Copenhagen Post, an English-language news outlet.
The Russian-aligned group NoName057(16) claimed responsibility for the attacks, which flooded servers with traffic to disrupt access. Danish authorities, including the Agency for Social Security and military intelligence, confirmed the incidents but noted that such disruptions have become routine in the country. While the attacks caused brief outages, election officials reported no impact on voting, which proceeded manually as planned.
The cyber incidents followed a broader surge in attacks targeting Danish public- and private-sector websites in the weeks leading up to the elections. Earlier in the month, government and defense industry sites were similarly disrupted in a DDoS campaign also attributed to NoName057(16). Danish officials assessed that direct interference in the electoral process remained unlikely.
NoName057(16), active since Russia’s 2022 invasion of Ukraine, specializes in short-lived DDoS attacks executed with volunteer support. The group has frequently targeted European nations, including Poland, Czechia, Lithuania, and Italy. In July, a joint operation by European and U.S. law enforcement seized over 100 of its servers and issued arrest warrants for six Russian nationals linked to the group. Despite the crackdown, NoName057(16) continues to announce new targets via its Telegram and X channels.
The attacks in Denmark follow a pattern of election-related cyber disruptions across Europe, including recent incidents in Moldova, Poland, and Romania. While the group’s campaigns typically seek attention rather than strategic disruption, their persistence underscores ongoing cyber threats to democratic processes.
Source: https://therecord.media/denmark-election-political-government-websites-ddos-incidents
Cerise+SPTF cybersecurity rating report: https://www.rankiteo.com/company/social-performance-task-force
The Copenhagen Post cybersecurity rating report: https://www.rankiteo.com/company/the-copenhagen-post
The Conservatives cybersecurity rating report: https://www.rankiteo.com/company/the-conservatives
Global Moderates Forum, Inc cybersecurity rating report: https://www.rankiteo.com/company/global-moderates-forum-inc
"id": "SOCTHETHEGLO1774405670",
"linkid": "social-performance-task-force, the-copenhagen-post, the-conservatives, global-moderates-forum-inc",
"type": "Cyber Attack",
"date": "9/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Government/Politics',
'location': 'Denmark',
'name': 'Conservatives (Denmark)',
'type': 'Political Party'},
{'industry': 'Government/Politics',
'location': 'Denmark',
'name': 'Red-Green Alliance',
'type': 'Political Party'},
{'industry': 'Government/Politics',
'location': 'Denmark',
'name': 'Moderates (Denmark)',
'type': 'Political Party'},
{'industry': 'Government/Politics',
'location': 'Denmark',
'name': 'Social Democrats (Denmark)',
'type': 'Political Party'},
{'industry': 'Media',
'location': 'Denmark',
'name': 'The Copenhagen Post',
'type': 'News Outlet'}],
'attack_vector': 'Distributed Denial-of-Service (DDoS)',
'date_detected': '2024-06-03',
'date_publicly_disclosed': '2024-06-03',
'description': 'Pro-Russian hackers launched distributed denial-of-service '
'(DDoS) attacks on Monday, temporarily taking offline multiple '
'Danish political party and government websites just hours '
'before local elections. The affected sites included those of '
'the Conservatives, the Red-Green Alliance, the Moderates, and '
'the ruling Social Democrats, as well as The Copenhagen Post, '
'an English-language news outlet. The attacks caused brief '
'outages but did not impact voting, which proceeded manually '
'as planned.',
'impact': {'brand_reputation_impact': 'Potential reputational harm to '
'affected entities',
'downtime': 'Temporary outages',
'operational_impact': 'Brief disruption of online services',
'systems_affected': 'Websites of Danish political parties and '
'government, news outlet'},
'investigation_status': 'Confirmed by Danish authorities',
'motivation': 'Disruption of democratic processes, attention-seeking',
'post_incident_analysis': {'root_causes': 'DDoS attack by NoName057(16) using '
'volunteer support'},
'references': [{'date_accessed': '2024-06-03',
'source': 'Cyber Incident Description'}],
'response': {'law_enforcement_notified': 'Danish authorities (Agency for '
'Social Security and military '
'intelligence)'},
'threat_actor': 'NoName057(16)',
'title': 'Pro-Russian Hackers Disrupt Danish Political Websites Ahead of '
'Local Elections',
'type': 'DDoS'}