Cyber Incident Victim: British Royal Family
Date:
Oct 2023
Location:
United Kingdom
Summary
Pro-Russia hacktivist group Killnet claimed responsibility for a distributed denial-of-service attack that temporarily crashed the British royal family's official website, causing an outage exceeding one hour. The group framed the incident as targeting "paedophiles," an apparent reference to unproven allegations against Prince Andrew, though no system infiltration or data compromise occurred. Killnet, known for politically motivated DDoS campaigns against NATO nations supporting Ukraine, likely conducted the attack following King Charles III's public condemnation of Russia's invasion and explicit support for Ukrainian victory. While the group's ties to Russian state entities remain unconfirmed, cybersecurity analysts classify Killnet as a persistent threat capable of disrupting critical infrastructure through temporary service outages.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On October 1, 2023, the British royal family's official website (royal.uk) experienced a service disruption lasting over an hour during Sunday morning hours. A royal source confirmed the outage resulted from a denial-of-service attack that overwhelmed the site's infrastructure, though clarified no unauthorized system access or content compromise occurred. The distributed denial-of-service (DDoS) tactic prevented public access to the site but did not breach security controls protecting sensitive data or backend systems. While initial attribution remained unconfirmed by palace officials, the pro-Russia hacktivist group Killnet publicly claimed responsibility for the attack through online channels. Killnet characterized the incident as targeting "paedophiles," an apparent reference to longstanding sexual abuse allegations against Prince Andrew that he has consistently denied.
The cyber incident occurred three days after King Charles III delivered remarks at the French Senate on September 21 condemning Russia's "horrifying military aggression" in Ukraine and affirming Britain's unwavering support for Ukrainian victory. Killnet, active since early 2022 coinciding with Russia's invasion of Ukraine, specializes in DDoS operations against nations supporting Ukraine, particularly NATO members. U.S. Health and Human Services cybersecurity analysts previously assessed Killnet's attacks typically cause temporary service disruptions rather than permanent damage, though outages can persist for hours or days. While no confirmed ties exist between Killnet and Russian intelligence agencies like the FSB or SVR, the group remains classified as a persistent threat to government and critical infrastructure networks. Buckingham Palace issued no official statement regarding the website disruption, with technical teams restoring normal operations within the outage window without further reported complications. The incident highlighted ongoing geopolitical tensions manifesting in cyberspace following the monarch's repeated public condemnations of Russia's war efforts.