A pro-Russian hacking collective known as Noname057(16) has publicly taken credit for a significant cyberattack that severely disrupted operations at France's national postal service, La Poste. The incident occurred during the critical Christmas period, causing widespread operational chaos, as confirmed by French prosecutors in a report highlighted by Euronews.
Chaos During the Christmas Rush
The timing of the attack was particularly damaging, striking at the busiest time of the year for La Poste and its over 200,000 employees. Earlier this week, the organisation's primary computer systems were rendered inoperative after hackers overwhelmed them with a flood of traffic, a technique known as a Distributed Denial-of-Service (DDoS) attack.
The technical problems persisted for several days after the initial breach was reported. The fallout was immediate and severe: postal workers lost the ability to track package destinations, and customers were blocked from making online payments through La Banque Postale, the service's banking arm.
Expanding Investigation and Wider Campaign
Following the group's claim of responsibility, France's domestic intelligence agency, the DGSI, has taken charge of the investigation, according to the Paris prosecutor's office. This cyber assault on La Poste comes just days after the French government disclosed a separate breach targeting the Interior Ministry, where a suspected hacker stole several dozen sensitive documents and accessed police records and information on wanted individuals.
Interior Minister Laurent Nunez detailed this earlier attack in an interview with Franceinfo. The consecutive incidents underscore a heightened threat level, with European intelligence agencies now reportedly dedicating as much operational time to investigating Russian interference as they do to monitoring terrorist threats.
A Persistent and Global Threat
Noname057(16) is not a new actor on the cyber battlefield. The group has previously targeted websites in Ukraine, Poland, Sweden, and Germany, focusing on media outlets, government offices, and commercial enterprises. Despite a major international crackdown in July—codenamed Operation Eastwood—the group remains alarmingly active.
That operation involved police from 12 countries, leading to the shutdown of over 100 computer servers globally, the arrest of two individuals in France and Spain, and the issuance of seven arrest warrants, including for six Russians. Remarkably, the group resumed its offensive within days of the crackdown.
In France alone, the hackers have previously hit government websites, including the Justice Ministry and several local government offices. The context of these attacks is a broader campaign that Western nations attribute to Russia. France and other European supporters of Ukraine accuse Moscow of orchestrating a campaign of sabotage, assassinations, cyber intrusions, and disinformation to sow division and weaken Western backing for Kyiv.
Since Russia's full-scale invasion of Ukraine in February 2022, Western officials have blamed Moscow for dozens of sabotage acts across Europe, including arson at warehouses and damage to railway infrastructure.
Broader Implications and Ongoing Probes
In a related development last week, French prosecutors revealed that the country's spy agency is investigating a planned cyberattack involving malware designed to remotely control computer systems on a large passenger ferry. A Latvian crew member has been detained on charges of working for a foreign power, though officials have not publicly named the country involved.
A French official strongly hinted at Russian involvement, stating that "foreign interference very often comes from the same country." However, the French government has not yet formally attributed the La Poste attack or other recent incidents to any specific nation. The situation highlights the evolving and persistent nature of state-sponsored cyber threats facing Europe today.
