Government platforms and defence industry targeted in large-scale DDoS assault
Danish government websites and several defence-related platforms suffered major disruptions on Thursday following a large-scale cyberattack attributed to pro-Russian hackers. According to the Danish Civil Protection Agency, the websites of the Ministry of Transport and the national administrative services portal borger.dk became inaccessible as multiple institutions were hit by a distributed denial-of-service (DDoS) attack that overwhelmed servers with malicious traffic. The incident was reported after hackers claimed responsibility on social media, echoing the account described in the report on how a pro-Russian group targeted multiple Danish institutions.
Authorities monitor the situation as disruption spreads
The Danish Civil Protection Agency confirmed that “several Danish companies and websites are currently experiencing outages and disruptions caused by DDoS attacks,” adding that it is closely monitoring developments together with Denmark’s military intelligence service. Defence company Terma also reported being targeted. Its spokesperson, Tobias Brun-Falkenkrohn, told AFP it was too early to identify the perpetrators or assess their motives. The latest attack follows a strike the previous day on several Danish municipalities, occurring less than a week before local elections in a country that remains one of Ukraine’s strongest supporters.
NoName057 intensifies activity across Europe amid ongoing hybrid operations
The attacks were claimed by NoName057, a pro-Russian hacker group active since 2022 and known for targeting government, media and infrastructure websites in states supporting Ukraine, including Poland, Lithuania, Germany, Finland, the United States and Denmark. Cybersecurity analysts note that the group does not typically seek to steal data or infiltrate networks. Instead, its operations aim to paralyse websites, create information noise and project an image of Russia’s broad cyber presence. DDoS attacks are viewed as a tool of hybrid warfare designed to undermine confidence in Europe’s digital infrastructure.
Denmark’s support for Ukraine increases its exposure to hostile cyber activity
Copenhagen’s extensive political, military and humanitarian support for Ukraine has made it a frequent target of Russian cyber operations. Since 2023, Denmark has supplied F-16 fighter jets, artillery and air-defence systems, funded humanitarian programmes and contributed to Ukraine’s defence-industrial capacity under the so-called Danish model. This role has heightened its profile in Russian cyber campaigns seeking to punish countries that back Kyiv diplomatically and militarily.
Disruptions highlight attempts to erode trust ahead of local elections
The temporary shutdown of the Ministry of Transport’s website and the borger.dk portal caused inconvenience for citizens who rely on digital public services. However, the broader objective of such cyber operations is to undermine confidence in the ability of even technologically advanced states to protect their digital infrastructure. The attack occurring days before municipal elections signals an attempt to influence the political environment. While DDoS attacks cannot alter vote counts, they can cause delays, communication disruptions and cast doubt on the transparency of the electoral process—an approach Russia has previously employed in France and Germany.
Strategic targets underscore the political intent behind the attacks
Terma, a key supplier to the Danish armed forces and NATO, was among the primary targets. Hitting such a company serves as a demonstration that Russian-aligned hackers can reach strategically significant entities, and as a warning to businesses supporting Ukraine or contributing to Euro-Atlantic security. Although Danish authorities have reported no data loss or severe security breaches, the incident underscores the need for ongoing reinforcement of national cyberdefence systems.
Attacks prompt renewed urgency for European cyber cooperation
Denmark already cooperates closely with NATO on cybersecurity, but the latest wave of attacks is likely to accelerate discussions on broader European mechanisms to counter hybrid threats. The pattern of coordinated DDoS operations across multiple states highlights the need for collective defence measures capable of responding to persistent cyber pressure from Russia-aligned actors.
