Authorities say that in April 2025, Norway’s Lake Risevatnet dam, located near the city of Svelgen in Southwest Norway, was the target of a cyberattack. Unidentified hackers gained unauthorized access to a remote control panel managing a valve at the dam. They opened the valve to full capacity, which led to an extra 497 liters per second flowing beyond the mandated minimum water discharge for nearly four hours before the breach was detected.
The attack did not result in any significant physical harm or danger, as the riverbed and dam were designed to handle much larger flows—up to 20,000 liters per second—far exceeding the unauthorized discharge. The incident was discovered by the dam’s owner, Breivika Eiendom, on April 7, and authorities including the Norwegian National Security Authority (NSM), the Norwegian Water Resources and Energy Directorate (NVE), and the police agency Kripos were alerted and are investigating the case.
Investigators found that the breach was enabled by a weak password protecting the web-accessible control panel—a common vulnerability in industrial control systems. While initial reports speculated about possible Russian involvement, the dam owner has since declined to speculate further on the identity or motives of the attackers. The incident underscores the importance of robust cybersecurity for critical infrastructure, even when the immediate impact is minimal
