What are Iranian hackers targeting in US critical infrastructure?

Internet-exposed Rockwell/Allen-Bradley PLCs in energy, water, government sectors. They're extracting files, tweaking displays for disruption.

How do I protect my PLCs from these attacks?

Disconnect from internet, firewall up, MFA, firmware patches, monitor OT traffic per CISA IOCs.

Is this linked to recent Iran-US tensions?

Yes—advisory says escalated campaigns respond to hostilities with US and Israel.

🌐 Nation-State Threats

Iranian Hackers Are Back, Prodding U.S. PLCs in Water Plants and Power Grids

Forget the headlines about flashy ransomware. Iranian hackers are quietly messing with the brains of America's critical infrastructure—PLCs in power grids and water systems. And we're still leaving them online.

Threat Digest Apr 07, 2026 4 min read

Digital map of US with red markers on power plants and water facilities under cyber attack icons

⚡ Key Takeaways

Iranian APTs are actively probing exposed PLCs in US water, energy, and gov sectors for disruptions. 𝕏
Basic defenses like firewalls and segmentation remain ignored, echoing 2023 Unitronics attacks. 𝕏
Geopolitical tensions drive escalation; expect hybrid threats by 2025. 𝕏

Published by

Threat Digest

Threat intelligence. Zero noise.

#CISA advisory #Iranian hackers #PLCs #critical infrastructure

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by Bleeping Computer

⚡ Key Takeaways

The 60-Second TL;DR

Threat Digest

Share this article

Worth sharing?

Related Stories

Iran's Hackers Spray Passwords at 300+ Israeli Microsoft 365 Targets—And It's Just Getting Started

Iran's Hackers Already Sabotaging US Power and Water Grids

North Korean Hackers Turn GitHub into a Shadowy C2 Nerve Center for South Korean Targets

APT28's FrostArmada: How Russian Spies Hijacked 18,000 Routers for Stealthy Global Espionage

Stay in the loop