A Russian military-affiliated hacking group, Sandworm, is suspected of coordinating recent cyberattacks on water utilities in the U.S., Poland, and France through proxy groups such as the Cyber Army of Russia. These attacks have raised serious concerns about the vulnerability of critical water infrastructure, which is already recognized as digitally insecure.
The Cyber Army of Russia claimed it manipulated water supply systems in Texas and a wastewater facility in Poland, causing significant disruptions, including the overflow of a water tower in Muleshoe, Texas. Additionally, they claimed to have accessed a French hydroelectric station, intending to manipulate water levels.
These incidents underscore the growing focus on water systems as prime targets for cyberattacks. The U.S. government has urged states to prioritize cybersecurity for water infrastructure, highlighting its critical status and the escalating risks.
Sandworm is notorious for its disruptive cyber activities, including attacks on Ukrainian infrastructure and involvement in the global NotPetya malware attack.