The blurring lines of hacktivism and crowdsourced cyber warfare: How NoName057(16) weaponises distributed denial of service attacks

This teaching case provides readers with a better understanding of different threat actors behind cyberattacks, their motivations, and the common techniques they use to target organisations and individuals. As an illustrative case, we examine the operating model and routines of NoName057(16), a pro-Russian hacktivist group. The group has launched thousands of Distributed Denial of Service (DDoS) attacks against public and private organisations, mainly from the North Atlantic Treaty Organization (NATO) member states and European countries, including Finland. Our analysis suggests that the group’s primary objective is to engage in geopolitical and psychological warfare, using technical disruptions as a stage for propaganda to delegitimise opponents. Additionally, we show that the group represents a hybrid threat actor, combining traditional hacktivism with the financial incentives of hackers-for-hire and the geopolitical objectives of state-sponsored hackers. Reflecting on the case, we encourage readers to consider attackers’ profiles and motivations in threat modelling, risk assessment, and incident management efforts.