Successful Breaches Renew Fears of Operational Vulnerabilities Across Water Sector

Russia is suspected of launching cyberattacks on poorly defended water utilities across Europe in a campaign that critical infrastructure and security analysts warn poses a growing threat to the United States and other Western allies.
Suspected Russian hackers struck a small hydropower plant in Northern Poland for the second time since May, then posted a video showing how they hijacked its interface, reported Polish cybersecurity news outlet CyberDefence24. The attack follows Polish Deputy Prime Minister Krzysztof Gawkowski’s warning that Poland now endures 300 Russian cyberattacks daily – triple last year’s figure – and comes amid a surge in Russia-linked disruptions to European water infrastructure (see: Breach Roundup: Russian Hackers Attacked Norwegian Dam).
Recent attacks have shown some success, with Norway’s spy chief confirming hackers opened a dam valve in Western Norway for nearly four hours, though no damage was reported. Assaults on the global water sector are mounting, experts told Information Security Media Group.
“Attacks against the water sector are increasing, and it’s a nation-state more than a criminal issue,” said Mike Hamilton, field CISO of Lumifi Cyber and former CISO of Seattle, Washington. He said many utilities lack the resources to hire and keep skilled cybersecurity staff and are increasingly turning to managed services to monitor networks and operational technology to limit the impact of breaches.
Analysts say nation-states like Russia target water utilities in smaller, under-resourced cities to test OT disruption with minimal risk of military retaliation. Smaller, albeit successful, attacks can also send geopolitical messages while eroding public trust in basic infrastructure and revealing weaknesses in Western critical infrastructure security – particularly in NATO-aligned countries like Poland and Norway.
Cybersecurity experts have long warned that America’s dams and water infrastructure are vulnerable, with most facilities under Federal Energy Regulatory Commission oversight not receiving full cyber audits. The U.S. has faced its own water-sector incidents, including one in 2024 in which suspected Russian hackers caused a water tank at a Texas utility to overflow.
Analysts have recently warned that escalating global conflicts – including Russia’s war in Ukraine and the Israel-Palestine fighting in Gaza – could trigger retaliatory cyberattacks against the U.S. and its allies, including Poland and Israel (see: Israeli Strikes Raise Fears of Cyberattacks and Retaliation).
In August, the U.S. Cybersecurity and Infrastructure Security Agency urged critical infrastructure operators to adopt a systematic approach to building and maintaining an OT asset inventory to better identify and secure vital systems.
Acting CISA Director Madhu Gottumukkala described OT systems as essential “to the daily lives of all Americans and to national security,” adding that they power “everything from water systems and energy grids to manufacturing and transportation networks.”
