Radware report ranks top 15 most active political and religious hacktivists

April 26, 2023
Provides a deep dive into 60 days of DDoS attacks led by the world’s most infamous hacktivists
  • Top claiming actors: NoName057(16), Anonymous Sudan, and Mysterious Team
  • Most targeted countries: Israel, India, Poland, and Australia
  • Top targeted websites: Business, government, travel, and financial services  

MAHWAH, N.J., April 26, 2023Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, released a new reportHacktivism Unveiled: Insights into the Footprints of Hacktivists. The tell-all report provides an in-depth, comparative analysis of the motivations, targets, tactics and techniques, and DDoS activities of the world’s top 15 most active political and religious hacktivist groups.

 Radware’s threat intelligence reveals the rankings and profiles of top attacking actors, the most attacked countries and websites, as well as some misperceptions about well-known hacktivist groups. The findings in Hacktivism Unveiled are based on the tracking and analysis of messages from active hacktivist groups on Telegram during the period between Feb. 18 - April 18, 2023.

 Pascal Geenens, Radware’s director of threat intelligence, noted the changing landscape of hacktivism. Geenens said, “While religious hacktivism has remained a constant threat over the years, Russia’s invasion of Ukraine has ushered in a whole new wave of not only patriotic and political hacktivism but also hacktivism in general. Modern-day hacktivism with its barrage of denial-of-service attacks is bolder, more determined, and more media-driven than ever before.”  


The Ranking of the Who’s Who of Hacktivists

During the period between Feb. 18 - April 18, 2023, over 1,800 denial-of-service attacks were claimed by political and religious hacktivists across 80 Telegram channels.

  • NoName057(16) claimed almost 30% of the attacks, followed by Anonymous Sudan (18%) and Mysterious Team (13%). NoName057(16) is by far the most active DDoS hacktivist among the politically driven, pro-Russian hacktivists.
  • Anonymous Sudan, Mysterious Team, and Team Insane PK are responsible for most of the religiously driven DDoS activity and ranked second, third, and fourth respectively among hacktivists claiming the most attacks. 
  • While there might be doubts about the alignment of Anonymous Sudan to the Russian government, their attack motives and patterns suggest a religiously motivated group rather than a politically motivated one.
  • Killnet, the group most prominently covered in the media and often suspected of the most hacktivist DDoS activity, did not rank among the top 15 of hacktivists, claiming 11 attacks during the period compared to NoName057(16)’s 544 attacks.
  • Passion, the pro-Russian, turned for-profit criminal hacktivist group that provides DDoS-for-hire services, stands out among the hacktivists targeting large U.S. cloud organizations.

 Top Attacked Countries

During the period from Feb. 18 - April 18, 2023:

  • Israel topped the list of most attacked countries, shouldering 11% of the DDoS attacks, followed by India (9%), Poland (8%), and Australia (8%). Israel, India, and Australia were targets of pro-Islamic hacktivists during the recent #OpIsrael, #OpIndia, and #OpAustralia operations.
  • The United States (6%) and Germany (6%), followed by Sweden (5%), Ukraine (5%), Denmark (4%), and Italy (4%) rounded out the list of the top 10 most targeted countries.
  • Poland is the only country in the top five that was specifically targeted by pro-Russian hacktivists in attacks relating to the Russo-Ukrainian war.

 Top Attacked Websites

During the two-month period:

  • Business (19%), government (18%), and travel (13%) websites were the most targeted by hacktivists, followed by financial services (7%), education (6%), and health and medicine (4%).
  • Business and government websites were attacked by most of the top hacktivist groups that were tracked in the report. 
  • Financial services and travel websites were primarily targeted by NoName057(16), Team Insane PK, Mysterious Team, and Anonymous Sudan. 

 Geenens added, “Denial of service has always been an important tactic used by hacktivist groups, and this will not change any time soon. Any organization, independent of size and industry, can become a target of hacktivists who desire to advance their cause and hold organizations and governments accountable for their actions. While there is no reason for panic, organizations need to be prepared. It is widely known in the security community that disrupting or impacting an organization or infrastructure requires more perseverance than skills or sophistication.”

 Radware’s complete Hacktivism Unveiled report can be found on the company’s website.

 About Radware

Radware® (NASDAQ: RDWR) is a global leader of cyber security and application delivery solutions for physical, cloud, and software-defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down. For more information, please visit the Radware website.

Radware encourages you to join our community and follow us on Facebook,  LinkedIn, Radware Blog, Twitter, YouTube, and Radware Mobile for iOS and Android.