{"id":55876,"date":"2024-04-18T15:11:43","date_gmt":"2024-04-18T15:11:43","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35799\/Russias-Sandworm-APT-Linked-To-Attack-On-Texas-Water-Plant.html"},"modified":"2024-04-18T15:11:43","modified_gmt":"2024-04-18T15:11:43","slug":"russias-sandworm-apt-linked-to-attack-on-texas-water-plant","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/","title":{"rendered":"Russia&#8217;s Sandworm APT Linked To Attack On Texas Water Plant"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/04\/041824_russia_hack.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Researchers have linked a cyberattack on a Texas water facility to <a href=\"https:\/\/www.scmagazine.com\/analysis\/russian-sponsored-group-sandworm-hits-ukraine-with-new-wiper-malware\" target=\"_blank\" rel=\"noreferrer noopener\">Sandworm<\/a>, a top Russian military-aligned threat group responsible for a decade of \u201cdisruptive and destructive\u201d campaigns targeting Ukraine.<\/p>\n<p>In a detailed <a href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/apt44-unearthing-sandworm\" target=\"_blank\" rel=\"noreferrer noopener\">analysis of the group\u2019s activities<\/a> published by Mandiant, the cybersecurity firm said no other cyber gang had \u201cplayed a more central role in shaping and supporting Russia\u2019s military campaign\u201d against Ukraine than Sandworm.<\/p>\n<p>Its numerous and constant cyberattacks have included everything from <a href=\"https:\/\/www.scmagazine.com\/news\/russians-suspected-of-gearing-up-to-hit-ukraine-power-grid-over-holidays\" target=\"_blank\" rel=\"noreferrer noopener\">attacks on Ukraine\u2019s energy grid<\/a> in the winters of 2015 and 2016, through to last year\u2019s <a href=\"https:\/\/www.scmagazine.com\/news\/ukrainian-soldiers-phones-targeted-by-chisel-malware\" target=\"_blank\" rel=\"noreferrer noopener\">targeting of Android handsets<\/a> used by Ukrainian military personnel.<\/p>\n<p>\u201cYet the threat posed by Sandworm is far from limited to Ukraine,\u201d the Mandiant researchers said.<\/p>\n<p>\u201cMandiant continues to see operations from the group that are global in scope in key political, military, and economic hotspots for Russia.\u201d<\/p>\n<p>An example cited in the report was an attack this January against operational technology at a water facility in Muleshoe, Texas.<\/p>\n<p>A Telegram account called CyberArmyofRussia_Reborn <a href=\"https:\/\/twitter.com\/Cyberknow20\/status\/1748139362104361021\" target=\"_blank\" rel=\"noreferrer noopener\">posted a video<\/a> purporting to show hackers manipulating settings on the facility\u2019s human-machine interface (HMI). Local officials later confirmed the cyberattack <a href=\"https:\/\/www.myplainview.com\/news\/local\/article\/leaders-area-towns-discuss-cyber-attack-water-18640534.php\" target=\"_blank\" rel=\"noreferrer noopener\">caused a tank to overflow<\/a> but did not disrupt water delivery.<\/p>\n<p>Mandiant said while it could not independently verify the hack or its connection to Sandworm, CyberArmyofRussia_Reborn was one of several \u201cfront personas\u201d or \u201chacktivist identities\u201d linked to the threat group.<\/p>\n<p>The personas were concocted as part of a strategy to generate \u201csecond-order psychological effects\u201d designed, among other things, to make the threat group\u2019s attacks \u201cappear more potent through exaggerated claims of impact.\u201d<\/p>\n<p>Assuming Sandworm was responsible for the Muleshoe attack, it would mean Russian operatives have joined gangs from <a href=\"https:\/\/www.scmagazine.com\/brief\/us-critical-infrastructure-bombarded-with-chinese-cyberattacks\" target=\"_blank\" rel=\"noreferrer noopener\">China<\/a> and <a href=\"https:\/\/www.scmagazine.com\/news\/cyber-av3ngers-gang-hacks-industrial-controllers-across-multiple-us-states\" target=\"_blank\" rel=\"noreferrer noopener\">Iran<\/a> in targeting U.S. water facilities recently.<\/p>\n<p>Growing concerns at a <a href=\"https:\/\/www.scmagazine.com\/news\/us-offensive-to-protect-critical-infrastructure-points-to-growing-cyber-conflict-with-china\" target=\"_blank\" rel=\"noreferrer noopener\">government level<\/a> about the risks nation-state actors pose to the country\u2019s critical infrastructure have prompted the Environmental Protection Agency (EPA) to <a href=\"https:\/\/www.scmagazine.com\/news\/epa-floats-task-force-to-address-cyberattacks-on-water-infrastructure\" target=\"_blank\" rel=\"noreferrer noopener\">form a task force<\/a> to look into hardening security measures across the industry.<\/p>\n<h2>Sandworm \u2018graduates\u2019 to APT status<\/h2>\n<p>A key entity within Russia\u2019s Main Directorate of the General Staff of the Armed Forces (GRU), Sandworm is \u201cactively engaged in the full spectrum of espionage, attack, and influence operations,\u201d Mandiant\u2019s researchers said in their analysis.<\/p>\n<p>Because of the \u201cactive and diffuse\u201d nature of the threat it posed, the researchers said they decided to \u201cgraduate\u201d the group to advanced persistent threat status, and from now on would track it as APT44.<\/p>\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Advanced_persistent_threat#APT_groups\">The APT prefix<\/a> is commonly used by researchers to track a number of sophisticated, stealthy threat groups.<\/p>\n<p>\u201cAPT44 will almost certainly continue to present one of the widest and highest severity cyber threats globally,\u201d the researchers said.<\/p>\n<p>\u201cAs Russia\u2019s war continues, we anticipate Ukraine will remain the principal focus of APT44 operations. However, as history indicates, the group\u2019s readiness to conduct cyber operations in furtherance of the Kremlin\u2019s wider strategic objectives globally is ingrained in its mandate. We therefore assess that changing Western political dynamics, upcoming elections, and emerging issues in Russia\u2019s near abroad will also continue to shape APT44\u2019s operations for the foreseeable future.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35799\/Russias-Sandworm-APT-Linked-To-Attack-On-Texas-Water-Plant.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":55877,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[10909],"class_list":["post-55876","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinemalwareusarussiacyberwarscada"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Russia&#039;s Sandworm APT Linked To Attack On Texas Water Plant 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Russia&#039;s Sandworm APT Linked To Attack On Texas Water Plant 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-18T15:11:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/04\/041824_russia_hack.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Russia&#8217;s Sandworm APT Linked To Attack On Texas Water Plant\",\"datePublished\":\"2024-04-18T15:11:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/\"},\"wordCount\":531,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant.jpg\",\"keywords\":[\"headline,malware,usa,russia,cyberwar,scada\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/\",\"name\":\"Russia's Sandworm APT Linked To Attack On Texas Water Plant 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant.jpg\",\"datePublished\":\"2024-04-18T15:11:43+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/04\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant.jpg\",\"width\":1200,\"height\":800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,malware,usa,russia,cyberwar,scada\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinemalwareusarussiacyberwarscada\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Russia&#8217;s Sandworm APT Linked To Attack On Texas Water Plant\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Russia's Sandworm APT Linked To Attack On Texas Water Plant 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/","og_locale":"en_US","og_type":"article","og_title":"Russia's Sandworm APT Linked To Attack On Texas Water Plant 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-04-18T15:11:43+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/04\/041824_russia_hack.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Russia&#8217;s Sandworm APT Linked To Attack On Texas Water Plant","datePublished":"2024-04-18T15:11:43+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/"},"wordCount":531,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant.jpg","keywords":["headline,malware,usa,russia,cyberwar,scada"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/","url":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/","name":"Russia's Sandworm APT Linked To Attack On Texas Water Plant 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant.jpg","datePublished":"2024-04-18T15:11:43+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/04\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant.jpg","width":1200,"height":800},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/russias-sandworm-apt-linked-to-attack-on-texas-water-plant\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,malware,usa,russia,cyberwar,scada","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinemalwareusarussiacyberwarscada\/"},{"@type":"ListItem","position":3,"name":"Russia&#8217;s Sandworm APT Linked To Attack On Texas Water Plant"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55876"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55876\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/55877"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55876"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}