How did Iranian hackers find exposed US PLCs?

Mass scans via Shodan, Censys—tools any script kiddie uses. Default ports 102, 44818 lit 'em up.

Will this Iranian PLC campaign hit my sector?

If you're in CNI—water, energy, transport—yes, unless you've audited exposures. 47% of US OT assets face the net (Claroty data).

What are quick fixes for PLC security?

VPN everything. Change defaults. Segment via firewalls. Patch quarterly. Tools like Dragos Platform spot exposures fast.

🌐 Nation-State Threats

Iranian Hackers Hijack 500+ Exposed US PLCs, Triggering Blackouts and $10M Losses

Forget the headlines—last quarter, Iranian-linked groups hit over 500 internet-facing PLCs across US water, energy, and manufacturing. The result? Scrambled controls, halted ops, and a stark reminder of OT's fragility.

theAIcatchup Apr 08, 2026 3 min read

Network diagram showing Iranian hackers accessing exposed US industrial PLCs in water and energy sectors

⚡ Key Takeaways

Iranian actors exploited 500+ exposed US PLCs, causing $10M in disruptions without advanced exploits. 𝕏
Opportunistic attacks signal Iran's shift to low-effort OT hits amid resource strains. 𝕏
Urgent need: Segment OT networks and ditch default configs to block future chaos. 𝕏

Published by

theAIcatchup

Threat intelligence. Zero noise.

#Iranian threat actors #OT security #critical infrastructure attacks #exposed PLCs

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by Dark Reading

⚡ Key Takeaways

The 60-Second TL;DR

theAIcatchup

Share this article

Worth sharing?

Related Stories

Iran's Hidden Assault: 3,900 US PLCs Exposed in the Wild

Iranian Hackers Stick to Cheap Tricks: Phishing, Sprays, and Lazy Patches

Iranian Hackers Poke US Power Grids and Water Plants: The OT Wake-Up Call

Iran Hackers Infiltrate US Water Plants via Exposed PLCs: CISA's Urgent Wake-Up Call

Stay in the loop