Norwegian Police Say Pro-Russian Hackers Were Likely Behind Suspected Sabotage at a Dam

Russian hackers are likely behind suspected sabotage at a dam in Norway in April that affected water flows, police officials told Norwegian media on Wednesday.

The director of the Norwegian Police Security Service, Beate Gangås, said cyberattacks are increasingly being carried out against Western nations to stoke fear and unrest.

The Associated Press has plotted more than 70 incidents on a map tracking a campaign of disruption across Europe blamed on Russia, which Western officials have described as “reckless.” Since Moscow’s invasion of Ukraine, Western officials have accused Russia and its proxies of staging dozens of attacks and other incidents, ranging from vandalism to arson and attempted assassination.

Intelligence officials told the AP that the campaign is becoming more violent.

During the April incident, hackers gained access to a digital system which remotely controls one of the dam’s valves and opened it to increase the water flow, NRK said. The valve was open for around four hours but did not pose a danger to the surrounding area, NRK reported.

A three-minute long video showing the dam’s control panel and a mark identifying a pro-Russian cybercriminal group was published on Telegram in April, police attorney Terje Nedrebø Michelsen told NRK.

Similar videos have previously circulated on social media, but the announcement by Norwegian police marked the first time since 2022 that officials have publicly suggested pro-Russian hackers may have successfully targeted critical water infrastructure in Europe.

Gangås told NRK that state actors typically use other groups to hack into facilities to show “look what we can do if we want to,” before bragging about it afterwards.

She spoke Wednesday alongside the head of Norway’s intelligence agency at a briefing titled: “Hybrid attacks against Norway: are we at war?”

NRK said Gangås warned such activity is only likely to increase in Norway and other European countries.

Learn More at SecurityWeek’s ICS Cybersecurity Conference The leading global conference series for Operations, Control Systems and OT/IT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity. October | Atlanta www.icscybersecurityconference.com

Related: Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks

Related: Automatic Tank Gauges Used in Critical Infrastructure Plagued by Critical Vulnerabilities