By John Q. Hosedrinker 
The Norwegian Police Security Service (PST) has officially attributed a cyberattack on a hydropower dam in Bremanger to Russia, marking the first time Oslo has formally accused Moscow. The attack, which occurred in April, allowed water to flow unnoticed for four hours, releasing 500 liters per second. PST’s head stated the incident exemplifies a shift in activity from pro-Russian cyber actors aimed at creating fear and chaos. Although no injuries or damage resulted, the PST is warning that Russian intelligence services are actively attempting to gather information and recruit contacts within Norway.
Read the original article here
Russian hackers seized control of a Norwegian dam this year, opening a floodgate and allowing water to flow unnoticed for four hours, Norway’s intelligence service has said. This is a pretty alarming situation, isn’t it? It really makes you wonder about the wisdom of connecting critical infrastructure like dams to the internet in the first place. It seems like a risky move, opening the door to potential attacks that could have serious consequences.
The admission from the Norwegian Police Security Service (PST) that they’ve formally attributed the cyber-attack on the Bremanger dam to Moscow is a significant development. It’s the first time Norway has directly pointed the finger at Russia, and that definitely raises the stakes. The fact that they are pointing fingers at Russia indicates that it is a deliberate act that can not be excused as an accident. It should be taken very seriously.
The attack itself, the release of 500 liters of water per second for four hours, might not sound like a huge environmental disaster in the grand scheme of things. Someone mentioned that it’s equivalent to a few Olympic swimming pools worth of water. It’s the principle of the thing, though, and the potential for more severe disruption. Even though the damage does not seem too large, it is a clear indication that the system can be hacked.
The head of PST, Beate Gangås, highlighted a shift in activity from “pro-Russian cyber actors” over the past year, with the Bremanger incident serving as an example of this. Her comment that the aim is to “influence and to cause fear and chaos” is chilling. It’s a reminder that these cyberattacks aren’t just about technical prowess; they’re about psychological warfare and undermining trust. It is the same as in war times, it is all about fear.
The question of whether this constitutes an act of war naturally comes to mind. Some people are saying it feels like an act of war. While there’s a hesitancy to label it as such, it does raise questions about how far is too far. Given the implications of all out war, there is a reluctance to take that step. It would be much more appealing to be able to find and punish the people that were directly involved.
There’s discussion about the role of NATO and the response from the EU. Is it enough? Is it too much? It seems like there is a call for a stronger response from NATO and the EU. It is hard to say the EU is doing enough when this is happening. The current EU response has been to deny knowledge and let it be.
It does seem bizarre that a dam can be remotely controlled. Considering that modern technology exists to block unwanted access, why isn’t it in use? It has been done on a number of countries, and the current situation would call for that approach.
People are rightly questioning the security of all sorts of infrastructure. Everything is connected to the internet, and it is easy to get in to systems, and cause damage. It is a double-edged sword, for sure. This brings up an important issue of how much trust we put in our systems.
There’s a lot of discussion about the motives of the Russian hackers. What are they hoping to achieve by causing this disruption? It is worth mentioning that they might not necessarily be looking to cause catastrophic damage. They could be testing the waters, seeing what they can get away with. It also raises the question as to why they would do this without achieving any significant gain.
The comparison to the “Occupied” series is interesting, highlighting the strategic use of cyber warfare and the insidious nature of these types of attacks. We need to be aware that this could be the first step towards a larger conflict.
There’s a lot of talk about technical solutions. Some people are suggesting that we should make it harder for these sorts of attacks to happen. It’s easier said than done, but cybersecurity is not as advanced as it should be. People are calling for solutions like improved cybersecurity, and limiting outside access.
The Stuxnet example is a good reminder that air gaps aren’t always foolproof. Malware can spread in unpredictable ways, and even supposedly isolated systems can be compromised.
There is a call to recognize that we are already in a new Cold War. Governments are reluctant to act in a way that would provoke a nuclear attack, but are doing what they can to respond.
There is also the difficult question of who would participate in blocking Russia from the internet. It is easier said than done. There are so many international complications, as well as technological ones, that it is hard to know where to start.
Finally, it is a great reminder that even though we are advancing technologically, we still need to be prepared for what could happen. Anything connected to the internet can be controlled remotely.
It seems that in the current state of things, there are many vulnerabilities, as well as the need for vigilance. With the rate that things are going, we can expect these types of attacks to continue in the future.