Iranian government-affiliated hackers have been actively disrupting US critical infrastructure since at least March 2026, targeting programmable logic controllers across water treatment, energy, and government facilities. Six agencies, including the FBI, CISA, NSA, EPA, Department of Energy, and US Cyber Command, issued a joint advisory Tuesday calling the threat urgent.
PLCs are toaster-sized devices that bridge automation computers and physical machinery in factories, refineries, and water systems, often in remote locations. Compromising them means real-world operational disruption, not just data theft. Confirmed victims have already reported both operational failures and financial losses.
The advisory names specific sectors and links the campaign to the broader US-Iran conflict. The full CISA advisory at aa26-097a details the attack vectors and mitigation steps, which is where operators of industrial systems need to be looking right now.
[READ ORIGINAL →]