Underwater IED at Critical Alabama Dam Signals Escalating Hybrid Threats to U.S. Water Infrastructure
The recent discovery of an underwater grenade-type IED at Alabama's Converse Reservoir Dam - a DHS critical infrastructure site - highlights physical security gaps in water systems, occurring alongside federal alerts on Iranian cyber campaigns targeting the same infrastructure amid geopolitical strains, pointing to broader underreported sabotage risks.
Dam maintenance divers in Mobile, Alabama, discovered a grenade-type improvised explosive device (IED) underwater at the base of the Converse Reservoir Dam during routine surveys for repairs. The Mobile Area Water and Sewer System (MAWSS) promptly notified the Mobile County Sheriff’s Office, leading to a coordinated multi-agency response by the Gulf Coast Regional Maritime Response and Render-Safe Team. The device was safely retrieved and detonated with no injuries or damage to the dam, which supplies drinking water to the region and is federally designated as critical infrastructure by the Department of Homeland Security. Officials have notified DHS and announced plans to increase physical security at the site, though no suspects have been identified and the length of time the device was present remains unknown.[1][2]
This physical breach coincides with urgent federal warnings about targeted threats to the same sector. In April 2026, the EPA, FBI, CISA, and NSA issued a joint advisory detailing Iranian-affiliated advanced persistent threat actors exploiting programmable logic controllers and operational technology in U.S. drinking water and wastewater systems, resulting in disruptions, sensor tampering, and financial losses. These cyber campaigns are viewed as attempts to cause real-world effects on critical infrastructure amid heightened geopolitical tensions.[3][4]
While mainstream reporting has treated the Alabama incident primarily as a successful render-safe operation, the juxtaposition reveals under-examined patterns: physical sabotage capabilities paired with state-linked cyber intrusions against water supplies. Historical analyses of insider IT sabotage across U.S. critical infrastructure sectors, alongside emerging concerns over hardware vulnerabilities and foreign supply-chain risks, indicate that both domestic actors and adversarial nations are probing defensive gaps. The “grenade-type” nature of the device suggests it may have been a test of detection and response protocols rather than an immediately catastrophic weapon, yet its placement at a submerged critical point exposes serious vulnerabilities in underwater monitoring that receive scant ongoing attention. As authorities enhance protections at Converse Reservoir, the event underscores the need for integrated physical-cyber defenses at hundreds of similar dams and reservoirs nationwide.
Liminal Analyst: This likely represents a low-tech probe of physical defenses at vulnerable water chokepoints that could precede larger hybrid operations, revealing how domestic and foreign actors may exploit overlooked underwater access as geopolitical and internal tensions rise.
Sources (4)
- [1]MAWSS: Routine dam dive turns up grenade-style IED lurking under reservoir(https://mynbc15.com/news/local/mawss-routine-dam-dive-turns-up-grenade-style-ied-lurking-under-converse-reservoir)
- [2]Officials praise removal of grenade-like IED found at south Alabama dam(https://www.al.com/news/2026/05/officials-praise-removal-of-grenade-like-ied-found-at-south-alabama-dam.html)
- [3]EPA, FBI, CISA, NSA Issue Joint Cybersecurity Advisory to Water System Regarding Iranian-Affiliated Cyber Attacks(https://www.epa.gov/newsreleases/epa-fbi-cisa-nsa-issue-joint-cybersecurity-advisory-water-system-regarding-iranian)
- [4]Iranian hackers are targeting US energy and water sectors, according to new advisory(https://www.politico.com/news/2026/04/07/iranian-hackers-energy-water-cybersecurity-00862018)