239/68 Wednesday, July 2, 2025
A concerning incident occurred in April when unidentified hackers gained access to the control systems of the Lake Risevatnet dam, located near the town of Svelgen in southwestern Norway. The attackers managed to fully open the dam’s water discharge valves for a continuous period of four hours. The dam’s owner, Breivika Eiendom, detected the abnormal activity on April 7 and reported the incident to Norwegian cybersecurity authorities — including the NSM, NVE, and Kripos — on April 10. Fortunately, the incident did not pose a threat to surrounding areas, as the local river was able to handle the excess water flow.
Preliminary investigations indicate that the breach was made possible due to the use of a weak password protecting the dam’s web-based valve control interface. This allowed hackers to gain unauthorized access to the operational technology (OT) system without adequate authentication. The event highlights ongoing cybersecurity vulnerabilities in critical infrastructure that still rely on insecure web-based control systems, lacking proper safeguards such as strong passwords or multi-factor authentication (MFA).
Although the dam is used primarily for fish farming and is not connected to Norway’s main power grid, the breach serves as a significant warning. It underscores the risks posed to critical infrastructure by neglecting basic cybersecurity measures. Similar past incidents, such as the 2023 cyberattack on Israel’s water systems, reflect a growing trend of threat actors targeting underprotected control systems. Strengthening security policies — including strong password enforcement, real-time monitoring, and restricting remote access — is now an urgent priority to safeguard national infrastructure in an increasingly hostile cyber environment.
Source https://hackread.com/norwegian-dam-valve-forced-open-hours-in-cyberattack/
