In November, a group of hackers caused a water tank overflow in Pennsylvania, which was a concerning attack on US infrastructure. The cyber-security firm Mandiant has identified the group responsible for this attack as Sandworm, a Russian hacking group known for their mature and dynamic approach to cyber threats. Sandworm has been previously linked to various cyber attacks worldwide, including on Ukraine’s power grid and the 2018 Olympic Games in South Korea.
The hackers shared a video on Telegram demonstrating how they manipulated Muleshoe’s water system, overpowering it and resetting the controls. Ramon Sanchez, Muleshoe’s city manager, reported that the water tank overflowed for 30 to 35 minutes during the attack. The hackers referred to themselves as the Cyber Army of Russia Reborn in the videos, signaling that this was the first attack on a public American infrastructure system by the group. The Cyber Army of Russia Reborn is likely connected to the Russian spy agency, the GRU. While most state-backed threat groups typically specialize in specific areas of cyber attacks, Sandworm is unique in its ability to combine various capabilities into one comprehensive package.
In 2020, the US Department of Justice charged six members of the group with crimes related to their cyber attacks, including disrupting the 2016 US presidential elections and creating a virus called NotPetya responsible for causing $10 billion in damage to computers globally. Many security experts believe that Sandworm is likely connected to espionage, attacks and influence operations. This recent incident highlights