Russian Hackers Charged in Spate of Cyberattacks on Water Sector

Recent Breaches Heighten Concerns Over Operational Setbacks in the Water Sector

Recent reports indicate that Russia has instigated a series of cyberattacks on vulnerable water utilities throughout Europe, presenting a significant threat to the United States and its Western allies, according to analyses from experts in critical infrastructure and cybersecurity.

In a notable incident, suspected Russian hackers targeted a small hydropower facility in Northern Poland for the second time since May. Following the breach, a video was released that demonstrated the hackers’ ability to manipulate the facility’s control interface, as reported by Polish cybersecurity outlet CyberDefence24. This attack aligns with Polish Deputy Prime Minister Krzysztof Gawkowski’s alarming statement about the 300 daily Russian cyberattacks targeting Poland, a figure that has tripled since the previous year. These troubling developments come amidst increased disruptions to European water services linked to Russian cyber activities.

Evidence suggests that recent breaches have had notable consequences. Norway’s intelligence chief verified that hackers managed to open a dam valve in Western Norway for almost four hours without causing physical damage. Analysts noted that these attacks are on the rise, highlighting the vulnerabilities in vital global water infrastructure.

Mike Hamilton, a field Chief Information Security Officer, indicated that attacks on the water sector are primarily state-sponsored rather than merely criminal efforts. Many utilities struggle to attract and retain skilled cybersecurity personnel; as a result, they are increasingly reliant on managed service providers to safeguard their networks and operational technologies against potential breaches.

Cybersecurity analysts contend that nation-states like Russia focus particularly on utilities in smaller, less-resourced cities as testing grounds for operational technology disruptions, which minimizes the risk of military retaliation. These smaller-scale attacks can serve larger geopolitical purposes while simultaneously undermining public trust in essential infrastructure and exposing weaknesses in critical infrastructure security across NATO countries, including Poland and Norway.

Warnings from cybersecurity experts have highlighted the vulnerabilities within America’s water infrastructure, where many facilities lack comprehensive cybersecurity audits due to insufficient oversight from the Federal Energy Regulatory Commission. The U.S. has faced significant incidents, including a 2024 breach where suspected Russian hackers caused an overflow at a water tank in a Texas utility.

Recent global tensions, including Russia’s ongoing war in Ukraine and the conflict in Gaza, further heighten the risk of retaliatory cyberattacks against the U.S. and its allies. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently called for critical infrastructure operators to adopt systematic approaches for building and maintaining operational technology asset inventories to better secure these essential systems.

Acting CISA Director Madhu Gottumukkala has emphasized the criticality of operational technology systems, stating they are essential for facilitating daily life in the U.S. and are integral to national security. These systems form the backbone of water supply, energy management, and transportation networks.
