Norwegian Authorities Identify Pro-Russian Hackers in April Dam Sabotage

Published Time: 08-14-2025, 12:15

Norwegian police say pro-Russian hackers likely targeted a dam in Norway this past April, manipulating water flow without causing harm. Officials caution that such cyberattacks on critical infrastructure are part of a growing trend across Europe.

Dam Sabotage Incident in Norway

In April 2025, hackers gained access to a digital control system of a Norwegian dam, temporarily opening one of its valves to increase water flow. According to NRK, the valve remained open for about four hours but posed no immediate danger to nearby communities.

Police attorney Terje Nedrebø Michelsen told NRK that a short video showing the dam’s control panel, alongside a mark identifying a pro-Russian cybercriminal group, was published on Telegram at the time. While similar videos have circulated on social media in the past, this is the first official acknowledgment by Norwegian authorities suggesting that pro-Russian hackers may have successfully targeted European critical water infrastructure.

Police Security Service Statement

Beate Gangås, director of the Norwegian Police Security Service (PST), highlighted during a Wednesday briefing that cyberattacks targeting Western nations are increasing, often with the goal of creating fear and unrest.

“State actors typically use proxy groups to breach facilities,” Gangås said, “then publicly brag about it to demonstrate their capabilities.” She spoke at a joint briefing with the head of Norway’s intelligence agency, titled: “Hybrid Attacks Against Norway: Are We at War?”

Gangås warned that such attacks are likely to continue in Norway and across Europe, emphasizing the need for vigilance in protecting critical infrastructure.

Growing Cyber Threats Across Europe

The Associated Press has tracked over 70 similar incidents across Europe, attributing the disruptions to Russia or Russian-linked proxies. Western officials have described this campaign as “reckless” and escalating since Moscow’s invasion of Ukraine in 2022.

These attacks have ranged from digital sabotage to physical acts, including vandalism, arson, and even attempted assassinations. Intelligence officials cited by the AP indicate that the campaign is becoming increasingly violent, raising concerns about national security and civilian safety.

How the Hackers Operated

During the Norwegian dam incident, the attackers accessed the remote control system that manages the facility’s valves. By opening the valve for roughly four hours, the hackers were able to alter water flow, but NRK reports that no physical damage occurred.

The digital intrusion aligns with a broader pattern in which state-backed or affiliated cybercriminal groups target infrastructure to test defenses and send political signals. Publicizing the attack afterward serves as a form of intimidation, demonstrating the potential consequences if security measures fail.

Implications for National Security

Experts say the incident highlights the vulnerability of critical infrastructure to hybrid threats—combining cyber operations with political objectives. Gangås stressed that awareness and preparedness are key to mitigating risks.

“Such activity is not limited to Norway,” she told NRK. “Other European nations should expect continued attempts to disrupt infrastructure, sow fear, and challenge government authority.”

Officials are encouraging closer collaboration between public agencies and private operators of critical systems, emphasizing that cyber resilience is a shared responsibility.

Preparing for the Future

The April dam incident illustrates the growing sophistication of cyber threats in Europe. Security services recommend regular audits of digital control systems, rapid incident response protocols, and public awareness campaigns to ensure communities understand potential risks without causing undue alarm.

Norwegian authorities continue to investigate the April attack, seeking to identify all parties involved and to reinforce measures to prevent future intrusions. The event underscores the urgent need for vigilance as cyber operations increasingly target essential services like water, energy, and transportation.

Conclusion

The suspected pro-Russian hacking of a Norwegian dam in April serves as a stark reminder of the evolving threat landscape for critical infrastructure in Europe. While the incident caused no physical harm, it demonstrates the potential for cyberattacks to disrupt public services, test security protocols, and heighten geopolitical tensions. Authorities urge ongoing vigilance, collaboration, and preparedness to counter such threats effectively.