Norway, a nation famed for its towering fjords and abundant hydropower, found itself at the center of a rapidly escalating cyber conflict this spring. In April 2025, pro-Russian hackers orchestrated a bold sabotage attack on a dam in southwestern Norway, an incident that has since reverberated through security circles across Europe. Authorities now say this event marks a dangerous new chapter in the ongoing campaign of digital disruption attributed to Russia and its proxies.
The breach occurred at a dam on Lake Risvatne, located in the Bremanger region of western Norway. According to Reuters and Norwegian daily VG, the hackers managed to seize remote control of the dam’s digital systems on April 7, opening a floodgate and releasing a torrent of water—500 liters (132 gallons) per second—for a full four hours. Staff eventually detected the breach and managed to intervene, shutting the valves and restoring order. Fortunately, the sudden surge of water did not endanger the surrounding area, but the implications of the attack were anything but benign.
Beate Gangås, director of the Norwegian Police Security Service (PST), addressed the incident publicly on August 13, 2025. During a high-profile briefing titled “Hybrid attacks against Norway: Are we at war?” she painted a stark picture of the evolving threat landscape. “Over the past year, we have seen a change in the activity of pro-Russian cyber actors. In April, a dam in western Norway became the target of such an operation… Our Russian neighbor has become more dangerous,” Gangås said, as quoted by VG and Reuters.
Gangås explained that Russia’s methods are varied and insidious, ranging from subversive activity and influence campaigns to polarization and covert intelligence gathering. “This can include subversive activity, influence, polarization, covert intelligence gathering—methods aimed at weakening our security, but which cannot be characterized as acts of war… The goal is to influence Norwegian society, create a sense of unrest and instability, and identify our strengths and weaknesses,” she told VG.
What set this attack apart was not only its technical sophistication but also its performative aspect. A three-minute video, showing the dam’s control panel emblazoned with the mark of a pro-Russian cybercriminal group, was posted on Telegram in April. Police attorney Terje Nedrebø Michelsen confirmed to NRK, Norway’s public broadcaster, that similar videos have surfaced before, but this was the first time since 2022 that officials had publicly suggested pro-Russian hackers had successfully targeted Europe’s critical water infrastructure.
“State actors typically use other groups to hack into facilities to show ‘look what we can do if we want to,’ before bragging about it afterwards,” Gangås told NRK. The intent, she argued, is less about inflicting direct damage and more about sending a chilling message—demonstrating capability, stoking fear, and sowing chaos among the general population.
Norway, a NATO member sharing a border with Russia in the Arctic, is no stranger to the complexities of geopolitics. The country is a staunch supporter of Ukraine and Europe’s largest supplier of gas, with most of its electricity generated via hydropower dams—making its infrastructure a tempting target for cyber adversaries. Intelligence officials have warned for years about the vulnerabilities of energy infrastructure, and the April incident appears to have validated some of their worst fears.
“The aim of this type of operation is to influence and to cause fear and chaos among the general population,” Gangås emphasized in her speech, as reported by Reuters. She warned that similar operations are expected to continue, not only in Norway but across Europe. “They do not necessarily aim to cause damage, but rather to demonstrate what they are capable of,” she elaborated, highlighting the psychological dimension of modern cyber warfare.
The Russian embassy in Oslo, for its part, has vehemently denied any involvement. In a statement emailed to Reuters, embassy officials dismissed the Norwegian allegations as “unfounded and politically motivated.” They accused the PST of trying to “substantiate the mythical threat of Russian sabotage against Norwegian infrastructure this year, which it itself invented in its February [annual] report.” Moscow has consistently denied accusations of cyber sabotage across Europe, even as Western officials point to a pattern of increasingly brazen attacks since Russia’s invasion of Ukraine.
Indeed, the April dam incident fits into a broader campaign of disruption that has swept across the continent. The Associated Press has tracked more than 70 such incidents, ranging from vandalism and arson to attempted assassinations, all attributed by Western officials to Russia and its proxies. Britain’s spy chief last September accused Russia of waging a “staggeringly reckless campaign” of sabotage, aiming to scare European countries away from supporting Ukraine.
After her public address, Gangås told Reuters she felt compelled to go public with the attribution to warn the Norwegian population and to try to prevent further attacks. “I want Norwegians to be prepared,” she said, underscoring the seriousness of the threat. Her words echoed the growing anxiety among European security agencies, who are bracing for a future in which cyberattacks on critical infrastructure become not the exception, but the rule.
Norway’s reliance on hydropower—once a symbol of its energy independence—now presents a double-edged sword. With most of its electricity generated by dams, the country’s infrastructure is both a national asset and a potential vulnerability. Intelligence authorities are now urging vigilance, not just from government agencies but from the operators of vital facilities and the general public as well.
While the hackers’ actions in April did not result in physical harm, the incident has left a deep impression on Norwegian society. It served as a wake-up call, revealing just how easily a determined adversary could disrupt the flow of daily life with a few keystrokes. The attack also raised uncomfortable questions: How secure are Europe’s critical infrastructures? What more can be done to defend against an enemy that prefers to operate in the shadows?
As the dust settles, one thing is clear: the digital frontlines of modern conflict are as real—and as perilous—as any physical battlefield. For Norway and its European neighbors, the challenge now is to adapt, to bolster defenses, and to ensure that the next attack does not catch them off guard.
The story of the Bremanger dam is a stark reminder that in today’s interconnected world, security is never guaranteed. It’s a lesson Norway, and Europe as a whole, will not soon forget.
