The notorious NoName ransomware group, believed to have Russian connections, has reportedly launched a series of cyberattacks targeting several Finnish government organizations in its latest spree. As a consequence of these alleged NoName cyberattacks on Finland-based entities, the websites of multiple victims experienced temporary inaccessibility.
Finnish websites, including Traficom, the National Cyber Security Centre Finland (NCSC-FI), The Railways, The Agency for Regulation and Development of Transport and Communications Infrastructure of Finland, and several subdomains of the Finnish Road Agency, fell prey to the recent NoName DDoS attacks targeting Finland.
The DDoS campaign has also targeted the Central Chamber of Commerce, the Bank of Finland, the Helsinki Region Chamber of Commerce, and The Finland Arbitration Institute.
NoName Cyberattacks on Finland
The Cyber Express team checked the websites reportedly attacked under NoName cyberattacks and found them working fine. The team also tried reaching out to the affected organizations for details on the alleged NoName DDoS attacks but got no official response as of writing this report.
NoName ransomware group, which is also known as NoName057(16) has posted a message on its dark web portal claiming to have targeted the government and private organizations in Finland. The screenshots of the dark web post have been published on the X (formerly Twitter) handle of a cybersecurity research organization.
One screenshot taken from the cybercriminal group’s leak portal reads, “Finland continues to receive our New Year’s gifts (evil smile emoji)”. From what we can understand, this is an attempt to disturb the day-to-day activities of the Finnish citizens as most of the victims of NoName DDoS attacks are government organizations related to road and rail transport as well as cybersecurity.
The screenshot also contains additional information in the Russian language, purportedly linked to the cyberattack. The second screenshot has listed the alleged victims of the NoName DDoS attacks.
The third screenshot taken from the dark web portal of NoName contains a message from the ransomware group directed to the Finnish government. The message reads, “While Russia is celebrating the New Year, in Finland it is the Day of Cowardly Closing by Geo after the attack NoName057(16) (evil smile emoji)”.
DDoS attacks have been on the rise since Russia came to the forefront with the Western powers during the Russia-Ukraine war. Ukraine being backed by the EU and US has irked Russia, which has in turn got multiple EU and US-based organizations being targeted by the Russia-linked hacker groups.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
