Cybersecurity analysts have discovered proof of Russian military-linked hackers breaking into a Texas water treatment plant. In January, hackers reportedly accessed a remote login system used for industrial software in Muleshoe, Texas, a community of about 5,000 residents. The system allows operators to interact with a water tank, Muleshoe City Manager Ramon Sanchez told CNN.
The water tank had excessive water flow for around 30 to 45 minutes before Muleshoe authorities disconnected the compromised system and switched to manual operations.
The breach has raised worries about the susceptibility of U.S. water infrastructure to cyber threats.
According to a report published by Mandiant Security, a subsidiary of Google, the cyber sabotage unit is known as Sandworm.
“As of now, no other Russian government-backed cyber group has had a more central role in shaping and supporting Russia’s military campaign,” per the Mandiant website.
If verified by U.S. officials, this occurrence would be the first known instance of Russian hackers targeting U.S. water facilities, joining Iran and China as opponents that breached American water infrastructure in the past year.
The report highlighted screenshots purportedly showing a group affiliated with Sandworm manually manipulating water well control inputs via a persona named “CyberArmyofRussia_Reborn,” per CNN. While Mandiant couldn't verify all available claims, its analysis aligns with local reporting of the incident, indicating a potentially sophisticated cyber intrusion.
Sandworm, infamous for its previous targeting of Ukrainian infrastructure, gained international attention for its involvement in the NotPetya cyberattacks of 2017, which severely impacted U.S. critical infrastructure, per Mandiant. The group’s expanded focus on U.S. targets highlights the pressing need to strengthen cybersecurity defenses in sectors like water treatment, which are susceptible to cyber compromises. While the Biden administration has prioritized reinforcing protections for water treatment facilities against cyber threats, challenges continue.
In October, the Environmental Protection Agency (EPA) faced resistance in its efforts to mandate cybersecurity evaluations for water systems during sanitation surveys, per CNN, prompting concerns about the sector’s readiness to confront evolving cyber risks.
According to the Mandiant report, the activities attributed to Sandworm also implicated water system compromises in France and Poland, highlighting the global reach and proliferation risk posed by such cyber threat actors.
Sandworm is recognized as one of the most dangerous Russian threat actors, with significant implications for industrial control systems, according to InfoSec.
“Regulations have not required this low-hanging fruit to be addressed. … This shows a pretty clear need to handle the basics,” Gus Serino, president of security firm I&C,