- Russian hackers caused a Texas town’s water tank to overflow in a suspected hack earlier this year.
- Cybersecurity experts say the likely culprit is Sandworm, a Russian hacking group.
- The US earlier accused Sandworm of attacks on hospitals in Pennsylvania in 2017.
In January, Russian hackers caused a small Texas town’s water tank to overflow in what was a rare but worrying attack on US infrastructure.
The Russian hacking group Sandworm is likely responsible for the attack on the water system in Muleshoe, Texas, the cyber-security firm Mandiant said on Wednesday.
Mandiant called the group a “dynamic and operationally mature threat actor that is actively engaged in the full spectrum of espionage, attack, and influence operations.”
Security experts said they believe the group is likely connected to the Russian spy agency, GRU. While most state-backed “threat groups” specialize in specific areas, like collecting intelligence or network sabotage, Sandworm stands alone in trying to unify each capability into one full package, Mandiant reported.
Hackers posted a video to Telegram of themselves manipulating Muleshoe’s water system, showing how they overpowered it and reset the controls, according to The Washington Post.
In the videos, the hackers refer to themselves as the Cyber Army of Russia Reborn. This marks the first attack on a public American infrastructure system by this group, according to the Post. US officials blamed a separate attack on water systems in Pennsylvania last November on Iran, according to CNN.
Ramon Sanchez, Muleshoe’s city manager, told CNN that the city’s water tank overflowed for about 30 to 35 minutes.
Authorities have previously blamed Sandworm, which has gone by different names over the years, for various attacks around the world, including on Ukraine’s power grid and on the 2018 Olympic Games in South Korea.
In 2020, The US Department of Justice charged six members of the group with crimes related to its attacks, one of which it said was also involved in disrupting the 2016 US presidential elections.
The Justice Department also accused the men of creating a virus called NotPetya, which caused $10 billion in damage to computers worldwide, shutting down the power grid in Ukraine, and taking down the computer systems belonging to a chain of Western Pennsylvania hospitals.
