The Royal family’s official website went down after being targeted in a cyber attack for which Russian hackers have claimed responsibility.
It is understood that the website was down for about an hour and a half on Sunday morning but that no access to the site, systems or content was gained.
Russian hacker group Killnet took responsibility for the denial of service (DoS) attack, which is when sites are disrupted because they are bombarded and overloaded with superfluous traffic.
The pro-Kremlin group has become known for DoS cyber campaigns against countries supporting Ukraine, particularly NATO countries.
The Royal family’s website was up and running again by midday but had earlier displayed an “error” message to anyone attempting to access it.
DoS attacks differ from hacking in that the people targeting the website do not actually gain access or control of the site.
Buckingham Palace insiders suggested that it was impossible to know at this stage who was responsible for the attack.
The royal website showed an error message
However, KillMilk, the leader of Russian hacking group Killnet, claimed responsibility for the attack on social networking site Telegram.
Last year the group was named in a joint warning about cyberattacks on critical infrastructure from the “Five Eyes” alliance, made up of intelligence agencies in the UK, US, Australia, Canada and New Zealand.
It said there was an increased threat from “Russian state-sponsored and Russian aligned cybercrime” in the wake of the invasion of Ukraine and it noted that Killnet had already claimed responsibility for a distributed denial of service (DDoS) attack on an airport in Connecticut in the US.
A separate report from the US department of health said that the group has made threats against public health organisations, including in the UK.
In May last year, after one of their members was arrested for an attack on Romanian Government websites, the group threatened to target ventilators in British hospitals unless he was released.
However, US officials say that their threats should be taken with a “a pinch of salt”, adding: “Given the group’s tendency to exaggerate, it’s possible some of these announced operations and developments may only be to garner attention, both publicly and across the cybercrime underground.”
Attacks ‘don’t cause major damage’
In March KillMilk announced that they were establishing “Black Skills,” a Private Military Hacking Company which it was thought was an attempt to establish a cybercrime version of the Wagner mercenary group.
KillNet attacks reportedly don’t cause major damage to websites that they target, but can lead to outages that last for several hours or even days.
By 2.00pm on Sunday, the Royal website appeared to be working only intermittently and was sometimes slow to load.
It is unclear whether the cyber attack was ongoing but there appeared to be additional security checks running on users before allowing them on the site.
Earlier this year, Oliver Dowden, the deputy prime minister, warned businesses that Russia-linked cyber attack groups are out to “destroy or disrupt” the UK.
He told the CyberUK conference in Belfast that the groups were “ideologically motivated, rather than financially motivated,” and have begun to target Britain this year.
The attack comes after The Daily Telegraph reported fears that international cyber-terrorists could target live broadcasts during the King’s Coronation in May to take the ceremony off the air and score a propaganda coup.
Experts warned that hackers based in Russia and Iran were thought to be the most capable and likely of launching a cyber attack to disrupt the broadcasting of the major Royal event.
In 2011, a plot by hackers to disrupt the Royal Wedding of the Prince and Princess of Wales was foiled by the Met Police.
The plot involved an attempt to crash the Royal couple’s website while the wedding was being streamed using a DDoS attack, which was used to crash the Royal site on Sunday.
Buckingham Palace declined to comment on the attack.