Iranian State Hackers Target US Critical Infrastructure, Disrupting Water, Energy, and Industrial Sites

A coalition of top US security and infrastructure agencies has issued an urgent warning: Iranian state-sponsored hackers are actively disrupting operations at multiple American critical infrastructure sites. This campaign, likely a response to the ongoing conflict between the two nations, is targeting the programmable logic controllers (PLCs) that form the operational backbone of factories, water treatment plants, and oil refineries.

The advisory from the FBI, CISA, NSA, EPA, Department of Energy, and US Cyber Command reveals that an Iranian-affiliated advanced persistent threat (APT) group has been conducting these attacks since at least March 2026. These hackers are not just stealing data; they are directly interfering with the physical machinery controlled by these toaster-sized PLCs, which are often located in remote industrial settings. The goal is operational disruption, leading to financial losses for victim organizations.

The targeting of such foundational industrial control systems represents a significant escalation in cyber conflict, moving beyond espionage to tangible disruption of essential services. The coordinated warning signals deep concern within the US government about the vulnerability of these systems and the potential for broader impacts on national security and public safety if the campaign continues or intensifies.