In May 2024, multiple cybersecurity organizations issued an urgent warning about a rising threat to key industries, including the dams sector.
A joint statement was released by several U.S. organizations, such as the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the Departments of Energy and Agriculture. It was also supported by the UK’s National Cyber Security Centre and the Canadian Centre for Cyber Security. These agencies warned that pro-Russia hacktivists were actively launching cyberattacks on critical industries across North America and Europe, targeting water and wastewater systems, dams, energy sectors, and food and agriculture industries.
The organizations highlighted that since 2022, they had been monitoring malicious activity. They had also issued joint guidance to help companies protect themselves from these attacks. While most of the hacktivists’ actions involved basic tactics that caused minor disruptions, the agencies noted that these groups also had the potential to cause physical damage, particularly in vulnerable operational technology (OT) environments.
The report pointed out that the hacktivists gained unauthorized access by exploiting publicly exposed internet-facing systems that ran outdated software and relied on weak passwords and factory-default settings without proper multi-factor authentication. These weaknesses leave many OT systems, which control crucial infrastructure, highly susceptible to attacks.