NCSC alert warns pro-Russian DDoS groups targeting UK local government and operational technology

An alert from the National Cyber Security Centre warned that pro-Russian distributed denial-of-service attacks are continuing to target British organisations, and on January 21, 2026 it highlighted local government services and operational technology.

KEY FACTS

  • Incident: Pro-Russian distributed denial-of-service attacks against UK online services
  • Date: January 21, 2026
  • Targets: Local government systems and operational technology
  • Mitigation: Follow the alert’s guidance to harden resilience and test defences

The alert describes attacks that are not highly sophisticated yet can still cause service outages by flooding networks with unwanted traffic. Visible effects include inaccessible websites and disrupted access to online services that the public and organisations rely on.

Operational technology is increasingly named as a target. Operational technology covers the hardware and software that monitor and control industrial equipment used in the manufacturing, transport and energy sectors, which can be impacted when networked systems are overloaded.

The advisory highlights that these attacks are believed to be ideologically motivated rather than financially driven and that actors operate outside direct state control. Such attacks can still impose significant recovery costs and operational disruption for affected organisations.

Recommended resilience measures include identifying network and compute points that could be overloaded, working with service providers to mitigate traffic before it reaches systems, designing services to scale under load, planning for graceful degradation while retaining administrative access, and testing and monitoring defences to understand how much attack traffic they can withstand.
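One way to express "graceful degradation while retaining administrative access" in service code, as an added sketch that is not taken from the NCSC alert: an admission controller that sheds non-essential public pages to cached copies under load and keeps a pool of slots the public path can never consume. The route names, capacity figures and the separate admin interface are assumptions chosen for illustration.

```python
from collections import Counter
from dataclasses import dataclass

ESSENTIAL = frozenset({"/report-emergency", "/pay"})  # constructed route names


@dataclass
class AdmissionController:
    capacity: int            # concurrent requests the service sustains (from load tests)
    admin_reserved: int      # slots the public path can never consume
    degrade_at: float = 0.5  # share of public slots in use before shedding starts
    public_busy: int = 0
    admin_busy: int = 0

    def admit(self, path: str, via_admin_interface: bool) -> str:
        """Return 'serve', 'static' (cached page, no backend slot) or 'reject' (503)."""
        public_limit = self.capacity - self.admin_reserved
        # Assumption: admin requests are identified by arriving on a separate
        # management interface, never by a header on the public listener.
        if via_admin_interface:
            if self.public_busy + self.admin_busy < self.capacity:
                self.admin_busy += 1
                return "serve"
            return "reject"
        if self.public_busy >= public_limit:
            return "reject"
        if self.public_busy >= self.degrade_at * public_limit and path not in ESSENTIAL:
            return "static"  # degrade: non-essential pages come from cache
        self.public_busy += 1
        return "serve"

    def release(self, via_admin_interface: bool) -> None:
        """Free the slot when a served request finishes."""
        if via_admin_interface:
            self.admin_busy -= 1
        else:
            self.public_busy -= 1


def simulate_flood(requests: int = 1000) -> tuple[Counter, str]:
    """Constructed scenario: a burst of slow public requests, then one admin login."""
    ctl = AdmissionController(capacity=100, admin_reserved=10)
    paths = ["/", "/news", "/pay", "/report-emergency"]
    outcome = Counter(ctl.admit(paths[i % 4], False) for i in range(requests))
    return outcome, ctl.admit("/admin/console", True)


if __name__ == "__main__":
    print(simulate_flood())
```

The `capacity` value is the number that load testing is meant to establish; without a measured limit the thresholds here are guesses.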

WHY IT MATTERS

DDoS attacks can deny access to essential public and commercial online services and increase operational costs. Organisations that operate critical services and operational technology should assess and strengthen resilience in line with the alert’s guidance.