TL;DR:
• Russian hackers hijacked Bremanger dam controls in Norway for 4 hours in April
• Released millions of gallons of water through opened floodgates during the breach
• Norway's security chief directly blamed Russian state-backed groups
• Latest in pattern of Russian attacks on Western critical infrastructure
Russian hackers infiltrated Norway's Bremanger dam in April and opened floodgates for four hours, spilling the equivalent of three Olympic pools worth of water before authorities regained control. Norway's spy chief publicly blamed Moscow for the brazen infrastructure attack that marks an alarming escalation in cyberwarfare targeting critical Western systems.
Russian hackers pulled off one of the most audacious cyberattacks on critical infrastructure this year, seizing control of Norway's Bremanger dam and deliberately opening its floodgates to release millions of gallons of water. The four-hour breach in April went undisclosed until Thursday, when Norway's top security official laid the blame squarely at Moscow's feet.
Beate Gangaas, head of Norway's security police service, revealed the attack during a public speech, breaking months of official silence around what sources describe as a deeply concerning escalation in state-sponsored cyber warfare. The hackers maintained control of the dam's computer systems long enough to release water equivalent to three Olympic-sized swimming pools, according to Norwegian media reports that first broke the story.
The attack represents a significant departure from typical Russian cyber operations, which historically focused on data theft or system disruption rather than physical manipulation of infrastructure. By actually opening the dam's floodgates, the hackers demonstrated both technical sophistication and willingness to cause real-world environmental and safety consequences.
Security experts are calling this a watershed moment for industrial cybersecurity. The Bremanger facility, located in western Norway, controls water flow for both flood management and hydroelectric power generation. The hackers' ability to maintain access for four hours suggests they overcame multiple security layers designed to prevent exactly this scenario.
Russia's embassy predictably denied involvement, following the Kremlin's standard playbook of plausible deniability. But Norwegian intelligence officials appear confident in their attribution, with Gangaas making the accusation in the most public forum possible.