日本語
한국어
Tiếng Việt
简体中文
Norwegian authorities have formally linked a significant cyberattack on a dam in Bremanger, Norway, to pro-Russian actors, marking a critical escalation in concerns over sabotage targeting essential infrastructure across Europe. This incident is the first time Oslo has directly attributed such an attack to groups associated with Russia.
The cyber intrusion, which occurred in April, saw hackers remotely gain access to the digital controls of the Bremanger dam, primarily used for fish farming operations. The attackers then manipulated the system to open a valve, unleashing a torrent of 132 gallons of water per second for a continuous four-hour period before the breach was detected and halted by authorities. This resulted in an estimated two million gallons of water being released.
Attribution and Broader Context
While the deluge caused no reported injuries or significant material damage, intelligence agencies view the operation as part of a wider strategy aimed at intimidating and unsettling the general populace. “Our Russian neighbour has become more dangerous,” stated Beate Gangås, head of Norway’s Police Security Service, during a briefing on hybrid attacks.
Technical evidence supporting the attribution emerged in a three-minute video posted on Telegram, bearing the distinct identifiers of a pro-Russian cybercriminal group. Police attorney Terje Nedrebø Michelsen confirmed the video’s authenticity to the Norwegian Broadcasting Corporation (NRK), noting its significance as the first confirmed breach of Norway’s water infrastructure since 2022, despite similar propaganda circulating online.
Kripos, Norway’s organized crime unit, indicated that the group responsible comprises multiple affiliated actors who have executed numerous cyber operations against Western businesses in recent years. However, specific identities remain undisclosed, highlighting the persistent challenge in definitively attributing complex cyberattacks.
Growing Recklessness and Denials
Western intelligence officials have issued warnings that sabotage campaigns attributed to Russia are increasingly reckless. This trend encompasses a range of incidents including vandalism, arson, attempted assassinations, and cyberattacks since Moscow’s full-scale invasion of Ukraine. Last year, Britain’s MI6 chief, Richard Moore, characterized Russia’s actions as a “staggeringly reckless campaign” designed to undermine European support for Ukraine—a claim consistently denied by Moscow.
The Russian embassy in Oslo swiftly rejected the accusations, labeling them “unfounded and politically motivated” in an emailed response. They further contended that allegations of Russian sabotage constitute a “mythical threat” fabricated by Norwegian authorities in their annual security report.
Norway’s Vulnerability and Call for Vigilance
As a leading gas exporter heavily reliant on hydropower for its electricity and sharing a 123-mile Arctic border with Russia, Norway’s national infrastructure and power generation systems are particularly vulnerable. Intelligence services have repeatedly cautioned against the growing sophistication of foreign cyber operations. Gangås explained to NRK that state actors often leverage proxy groups to demonstrate their capabilities, subsequently publicizing these actions online as a clear message: “look what we can do if we want to.”
During a recent briefing titled “Hybrid attacks against Norway: are we at war?”, Gangås urged the public to maintain vigilance, stressing that such cyber threats are likely to become more frequent both in Norway and across Europe. “I want Norwegians to be prepared,” she emphasized.