Apr 17, 2024 - Technology

Russia-linked hackers claim cyberattacks on U.S., French and Polish water utilities

Illustration: Brendan Lynch/Axios

A politically motivated hacking group behind a recent series of cyberattacks on water systems in the United States, Poland and France is now believed to be connected to the Russian military, researchers at security firm Mandiant warned Wednesday.

Why it matters: Water systems remain one of the most digitally insecure critical infrastructures, and a successful attack could allow hackers to tamper with drinking water and wastewater management.

Driving the news: Google Cloud-owned Mandiant said in a report Wednesday that a notorious Russian military hacking team known as Sandworm appears to have a direct relationship with several pro-Russia hacktivist groups.

  • One of those is the Cyber Army of Russia, which has claimed responsibility for several cyberattacks on water systems this year.
  • Sandworm is believed to have the ability to "direct and influence" the Cyber Army of Russia's activities, per Mandiant.

Zoom in: In January, the Cyber Army of Russia posted in its Telegram channel that it had manipulated systems that control water supplies in several Texan towns and a wastewater utility in a Polish village.

  • One such cyberattack in Muleshoe, Texas, resulted in hackers overflowing a water tower, sending tens of thousands of gallons of water into the street and drain pipes, per The Washington Post.
  • Two other Texas towns also detected malicious activity on their networks around the same time as the Muleshoe attack, CNN reports.
  • In March, the same hacking group shared a different video claiming it had broken into a French hydroelectric power station and could manipulate water levels.

Yes, but: Mandiant could not verify whether Sandworm was directly involved in these specific water system cyberattacks.

  • A French newspaper reported Wednesday that the Russian hackers had targeted a French mill when they believed they were hacking into a hydroelectric dam.

The big picture: U.S. water systems have become a prime hacking target in recent years.

Between the lines: However, the new suspected Russian cyberattacks would mark the first time that the Russian government has shown an interest in targeting U.S. water supplies.

Zoom out: Water systems often lack the funding and human resources to maintain and practice basic cybersecurity.

  • Last month, the White House and Environmental Protection Agency sent a letter to U.S. governors asking them to make water cybersecurity a top priority, according to CNN.