In November, a group of Russian hackers caused a water tank overflow in Pennsylvania, which was a concerning attack on US infrastructure. The cyber-security firm Mandiant has identified the group responsible for this attack as Sandworm, a Russian hacking group known for their mature and dynamic approach to cyber threats.
Sandworm has been previously linked to various cyber attacks worldwide, including on Ukraine’s power grid and the 2018 Olympic Games in South Korea. In 2020, the US Department of Justice charged six members of the group with crimes related to their cyber attacks, including disrupting the 2016 US presidential elections. The Justice Department also accused the group of creating a virus called NotPetya, responsible for causing $10 billion in damage to computers globally.
In January, a separate attack on Muleshoe’s water system occurred when a group of Russian hackers caused a small town in Texas to experience a water tank overflow. The hackers shared a video on Telegram demonstrating how they manipulated Muleshoe’s water system, overpowering it and resetting the controls. This was the first attack on public American infrastructure by Sandworm signaling that they were not only focused on espionage but also had an interest in disrupting critical systems. Ramon Sanchez, Muleshoe’s city manager reported that the water tank overflowed for 30 to 35 minutes during the attack. Many security experts believe that Sandworm is likely connected to the Russian spy agency GRU while others say that most state-backed threat groups typically specialize in specific areas of cyber attacks such as intelligence gathering or network sabotage but Sandworm is unique in its ability to combine various capabilities into one comprehensive package.
