Login

Promote Your Company       |     Contact

Independent Cyber News.

Alleged Russian Hackers Target Norwegian Dam
Critical Infrastructure | Investment | Leadership | Security Operations | Threat Intelligence
Posted: Thursday, Jul 03

i 3 Table of Contents

Alleged Russian Hackers Target Norwegian Dam
From Grant Geyer

Overview

This wasn’t a super sophisticated cyber attack; it was someone logging into a control system with too little security and opening a dam valve all the way. While the impact was minimal – 447 litres/second of flooding – it’s a reminder that the same digital world that provides us so many societal benefits has a soft underbelly if not properly secured. Just like you wouldn’t leave your front door unlocked, the systems that we rely on for access to water, power, and heat need that same basic protection.

Cold, Hard Facts

The Norwegian dam breach underscores a key truth for security and risk leaders: it’s not always the sophisticated attacks that cause the most disruption; it’s the simple, overlooked exposures. Remote access, authentication hygiene, and clear ownership of cyber-physical interfaces should be routine agenda items, not reactive conversations. Incidents like this are not outliers; they’re reminders that foundational controls are the cornerstone of operational resilience.

This incident should serve as a wake-up call for critical infrastructure providers worldwide on what our adversaries are capable of. In the U.S., where over 92,000 dams form a core part of our critical infrastructure the stakes could be much higher. This wasn’t a high-tech exploit – it was a case of insufficient access controls. Given the ability to cause impact to national security and public safety, an exposure like that is the cyber equivalent of putting a ‘kick me’ sign on the back of our critical infrastructure.

Critical Failures

What happened at the Norwegian dam mirrors what we observe in all kinds of critical facilities worldwide: internet-exposed devices in smart building control systems without modern protections. Today, we can see over 23,000 such systems in Shodan online ready to be compromised by any opportunist attacker. Imagine a scenario where an attacker can turn off the air conditioning during the summer months in a hospital – there can be real world consequences from such a simple and exposed asset. While not every exposure leads to an incident, the dam hack reinforces the value of proactively securing remote interfaces – especially in environments that were never designed with connectivity in mind.

Conclusion

No one would leave a mechanical control room unattended with all the valves open – yet that’s effectively what happens when remote access is deployed without strong safeguards. This isn’t just a story about four scary hours at a Norwegian dam supplying water to a fish farm; it’s a universal example of how operational integrity, and ultimately public safety, depends on cyber hygiene. Asset-intensive sectors can take this as an opportunity to align their digital access controls with the same rigor they apply to physical safety systems.

Grant Geyer
Grant Geyer is Chief Strategy Officer at Claroty, the global leader in cyber-physical systems (CPS) protection. Grant has had a successful career in the cybersecurity industry for over 20 years at companies of different stages of growth. He previously served as Claroty’s Chief Product Officer, where he oversaw the company’s product strategy and development, and prior to joining Claroty, Geyer held senior roles at RSA, Symantec, and served as a Military Intelligence officer for the U.S. Army. He holds a B.S. in Computer Science from the U.S. Military Academy at West Point and a M.S. in Engineering Management from the University of Maryland, Baltimore.

Get Your Cyber News Delivered

Subscribe

Similar Posts

No results found.
Share This