SoylentNews

quietus writes:

Risevatnet Lake is a small dammed lake near the city of Svelgen in the South-West of Norway. It primarily serves as a fish farm.

On April 7 its dam control system was breached by a Russian hacktivist group, Z-PENTEST (guess what the Z stands for). The main valve was put on maximum opening, increasing the water flow to maximum volume for four hours before the incident was detected; on April 10 the dam's owner alerted authorities.

The hackers got in through a weak password -- the classical 123456, or risevatnet123, perhaps -- on the web interface used to control the dam. This web interface was directly connected to the Internet.
  Once logged in, the hackers could directly control a motorized valve which controlled the water flow. (Why local teenagers hadn't discovered this before remains a mystery.)

About 145,000 Industrial Control Devices (ICS) were found to be directly connected to the Internet in a 2024 Censys scan (pdf). Of these devices, 48,000, or 38%, were located in the US, with Europe accounting for a comparable number (35%). A sizeable portion (34%) of devices were water and wastewater related, while 23% were associated with agricultural processes. Many of these devices -- including HMIs, PLCs, and SCADA panels—were discoverable with simple scans, and often "protected" by default or easily guessed passwords.

If you read around a bit, the impression is that Z-PENTEST is something like a splinter group from another "hacktivist" group, the People's Cyber Army. Both groups have boosted on Telegram about similar actions before -- aiming for oil wells, dams and rural water systems. Their targets have been in the United States, Canada, Australia, France, South Korea, Taiwan, Italy, Romania, Germany, and Poland.

It has to be seen whether this latest action -- freeing fish from Western Propaganda and the Capitalists' Deadly Grip -- will give them much street cred in the hacker scene.

Original Submission