Cyber Incident Victim: Trafford Council

On or around November 1, 2024, Trafford City Council was among multiple UK local authorities targeted in a distributed denial-of-service (DDoS) attack claimed by the pro-Russian hacker group NoName057(16). The attack disrupted public access to the council’s website, though the council confirmed no internal services or resident data were compromised. Similar simultaneous attacks affected Portsmouth, Salford, Bury, and Middlesbrough councils, with varying durations of disruption. Trafford Council’s website experienced temporary downtime but was restored to normal operation alongside Salford and Bury’s sites within a short timeframe, while Middlesbrough’s site remained offline longer after its IT team proactively took it down for investigation. The attackers aimed to overwhelm council websites with traffic, preventing legitimate users from accessing online services but not breaching internal systems.

Portsmouth City Council publicly confirmed the attack on its Facebook page, noting NoName057(16)’s involvement and assuring residents that core services and data remained secure despite website instability. Trafford and other councils issued similar reassurances, directing residents to alternative portals like MyPortsmouth for payments and services during disruptions. The National Cyber Security Centre (NCSC) provided guidance to affected councils, characterizing the attacks as “relatively low in sophistication and impact” but acknowledging their potential to cause operational inconvenience. No council reported data theft, financial losses, or prolonged service interruptions beyond website accessibility issues. Recovery efforts focused on mitigating the DDoS traffic and restoring public-facing web functionality, with all councils resuming normal online operations shortly after the incident.