Pro-Kremlin hackers strike French parliament

NoName057(16), an anti-Ukrainian hacktivist collective, has brought down the website of the French National Assembly for several hours to send a message to French President Emmanuel Macron.

The website of the National Assembly, the lower house of the French Parliament, was down as a result of a distributed denial-of-service (DDoS) attack carried out by pro-Russian hackers in retaliation for France’s support for Ukraine.

Attackers’ other targets included the French Senate and Children’s Parliament. The website of the Assembly was “under maintenance” for several hours. The website of the Children’s Parliament was also inaccessible, but the attackers failed to take down that of the Senate.

An investigation into the three attacks was launched by the French authorities. Pro-Russian hacktivist group NoName057(16) has claimed responsibility on its Telegram channel.

“We have decided to repeat our recent trip to France, where protests against Macron continue to rage after he decided to not give a damn about the French people and continues to ‘serve’ Ukrainian neo-Nazis,” the message read, in Russian.

Screenshot of Telegram

Part of Russia’s cyberwar in Europe, DDoS attacks – whereby targeted servers are temporarily overwhelmed by hijacked ‘zombie’ computers bombarding them with requests – are more of a nuisance than something that can cause actual damage, and are frequently used to send a political message.

Russian hacker groups have a history of supporting anti-government demonstrations and populist movements in France. Moscow sees societal divisions in Western democracies as a weak spot that it can exploit to undermine their support for Ukraine.

Protests have rocked France because of the government’s planned pension reform that will see the retirement age raised by two years, to 64.

NoName057(16) formed a year ago and has become a notable pro-Russian threat group since then, according to cybersecurity firm Radware. It is known for launching DDoS and defacement attacks and is considered to be one of the most active Russian threat actors, as well as the most prominent one targeting Western organizations.

In the past, its targets included the Czech presidential candidates, Polish e-government websites, Denmark’s financial institutions, and Lithuanian businesses, as well as the Finland parliament website.