Denmark has summoned Russia’s ambassador after accusing Moscow of carrying out two cyberattacks that targeted the country’s water infrastructure and political parties ahead of local elections.
Russia’s ambassador to Copenhagen, Vladimir Barbin, confirmed to Russian state media on Friday that he had been called to the Danish foreign ministry, but rejected the accusations as unfounded.
“The Danish side has not provided any evidence to support its accusations of Russia’s involvement in cyberattacks against Denmark,” Barbin told the RIA Novosti news agency, adding that he regarded the claims as “unfair speculation.”
The summons followed a statement on Thursday by the Danish Defence Intelligence Service (DDIS), which said Russia-linked hacker groups Z-Pentest and NoName057(16) were responsible for a destructive cyberattack on a Danish water utility in 2024 and a series of distributed denial-of-service (DDoS) attacks on Danish websites ahead of municipal and regional council elections in November 2025.
According to previous reports, the water utility attack targeted a small treatment plant near the port town of Køge, where hackers manipulated pressure in the system, leaving around 50 households without water for several hours.
NoName057(16) claimed responsibility for attacks on the websites of several Danish political parties, temporarily knocking them offline on the eve of the vote. DDoS attacks overwhelm servers with traffic, disrupting access to online services.
“The Russian state uses both groups as instruments of its hybrid war against the West,” DDIS said. “The aim is to create insecurity in the targeted countries and punish those that support Ukraine.”
The intelligence service said the attacks were part of a broader Russian influence campaign intended to undermine Western support for Ukraine, adding that Denmark’s elections were used to draw public attention — a pattern observed in other European countries.
Denmark’s foreign ministry called on Russia to cease what it described as malicious cyber activities.
Barbin, in turn, accused Denmark of allowing Ukrainian-linked hackers to operate from its territory, demanding that authorities prevent the IT Army of Ukraine from launching cyberattacks on Russia and committing fraud against Russian citizens from Danish IP addresses. He did not provide evidence to support the claims.
The diplomatic dispute comes as several European governments publicly confront Moscow over increasingly disruptive cyber operations. Earlier this month, Germany summoned Russia’s ambassador after accusing Moscow of carrying out a cyberattack on its air traffic control authority and running a disinformation campaign ahead of February’s federal election.
Berlin has said it has clear evidence linking an August 2024 cyberattack on Deutsche Flugsicherung, Germany’s state-owned air traffic control operator, to APT28 — also known as Fancy Bear — a hacking group tied to Russia’s military intelligence agency, the GRU.
Russia has repeatedly dismissed Western allegations of cyberattacks as baseless.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
