Advisory Warns Against Russia-Backed Cyberattack on Water Facilities

An advisory from various federal agencies has warned of a possible Russia-backed cyberattack on the water systems in North America and Europe.

According to the advisory, pro-Russia activists are targeting the facilities due to their poor security standards. It added that operations have been observed since 2022 and as recently as April. Hackers usually target water facilities’ human-machine interfaces, causing water pumps and blower equipment to go beyond normal operating parameters, Nextgov/FCW reported.

Among the organizations that issued the advisory are the Cybersecurity and Infrastructure Security Agency, the Department of Energy and the United Kingdom’s National Cyber Security Centre.

Research by Google-owned Mandiant linked the operations to an activist unit of Sandworm, an operation backed by Russia’s military intelligence directorate.

In September, a joint report by the United States and its allies also blamed Sandworm for a malware campaign targeting devices powered by the Android operating system used by the armed forces of Ukraine. The malware allows Russian forces to scrub multiple files to gain credentials and significant information.