The Federal Office for the Protection of the Constitution (BfV) said the alert was issued in coordination with Germany’s foreign intelligence agency, the BND, and the U.S. Federal Bureau of Investigation.

The group, also known as “Fancy Bear,” has been attributed by Western governments to Russia’s military intelligence service, the GRU.According to the BfV, APT28 exploited weaknesses in TP-Link routers, affecting several thousand devices worldwide, including about 30 in Germany.

In some cases, authorities confirmed breaches, leading operators to replace compromised hardware.The agency said the campaign was aimed at facilitating surveillance of sensitive targets, including state institutions and key infrastructure networks.

APT28 has previously been linked to cyberattacks against Germany’s parliament, the Social Democratic Party and air traffic control systems, underscoring its long-standing role in espionage operations targeting European institutions.

German authorities urged heightened vigilance and coordination among operators to mitigate risks posed by the ongoing campaign.

Iran’s military renewed its warning on Sunday, saying it would target energy, information technology and desalination facilities linked to the United States and Israel if its own infrastructure continued to be hit.

The statement, issued by the Khatam Al-Anbiya operational command and carried by Fars news agency, followed a 48-hour ultimatum from U.S. President Donald Trump to reopen the Strait of Hormuz or face strikes on Iranian power plants.

The threats mark a rare escalation into water systems, which have historically been less frequent targets in warfare. However, recent incidents suggest a shift. Bahrain said an Iranian drone strike on March 8 damaged a desalination plant, though authorities reported no disruption to supply.

Iran, in turn, accused the United States of striking a desalination facility on Qeshm Island that supplies dozens of villages, calling it a dangerous precedent. Iranian Energy Minister Abbas Aliabadi said multiple water transmission and treatment facilities had been hit, damaging critical supply networks.

Analysts warn that targeting such infrastructure could significantly widen the conflict. Water economist Esther Crauser-Delbourg said earlier this month that attacks on water systems risk triggering “a war far more enormous” than the current confrontation.

The Middle East’s dependence on desalination heightens the stakes. According to World Bank data, water availability in the region is roughly one-tenth of the global average, making engineered water supply systems essential.

The region accounts for about 42% of global desalination capacity, with Gulf states relying heavily on the technology for drinking water. Desalinated water supplies around 42% of demand in the United Arab Emirates, 70% in Saudi Arabia, 86% in Oman and 90% in Kuwait, based on a 2022 report by the French Institute of International Relations.

Large urban centres such as Dubai and Riyadh depend on uninterrupted operation of these plants. A U.S. intelligence assessment cited in earlier diplomatic communications warned that disruption of desalination systems could have more severe consequences than the loss of any other major industry in the region.

Desalination plants face multiple risks in a conflict environment, including direct missile or drone strikes, power outages and contamination of intake water from oil spills.

Operators have moved to strengthen protection. Philippe Bourdeaux, a regional executive at French utility Veolia, said access controls around facilities had been reinforced and authorities in some countries had deployed missile defence systems near major plants.

Facilities are often interconnected, allowing some redistribution of supply if one site is damaged. Most also maintain reserves equivalent to two to seven days of consumption, providing a limited buffer against short-term disruptions.

Direct attacks on desalination infrastructure have been relatively rare. Iran-backed Houthi forces in Yemen have previously targeted such facilities in Saudi Arabia, while coalition strikes have hit water systems in Yemen. Israeli operations have also affected water infrastructure in Gaza, according to conflict monitoring data.

Broader targeting of water systems dates back to the 1991 Gulf War, but experts say the current scale of dependence on desalination makes the risks more acute.Prolonged outages could trigger severe consequences, including water rationing and population displacement from major cities.

Disruptions would also affect industries reliant on water, including tourism, manufacturing and data centres, amplifying the economic fallout of the conflict.