Skip to content
Tech News
← Back to articles

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

2026-04-07 | original
read original get Cybersecurity USB Data Blocker → more articles
Why This Matters

The recent cyberattacks linked to Iran on US energy and water infrastructure highlight the growing threat of state-sponsored hacking campaigns targeting critical systems. These breaches pose significant risks to national security, public safety, and economic stability, emphasizing the urgent need for enhanced cybersecurity measures across vital industries. As cyber threats become more sophisticated, both industry leaders and consumers must prioritize robust security protocols to safeguard essential infrastructure.

Key Takeaways

As US President Donald Trump threatens wholesale demolition of Iran's infrastructure in the midst of an escalating war, Iran now appears to have already reciprocated with its own form of infrastructure sabotage: A hacking campaign hitting industrial control systems across the United States, including energy and water utilities, that US agencies say has had disruptive and costly effects.

In a joint advisory published Tuesday, a group of US agencies including the FBI, the National Security Agency, the Department of Energy, and the Cybersecurity and Infrastructure Security Agency warned that a group of hackers affiliated with the Iranian government has targeted industrial control devices used in a series of critical infrastructure targets including in the energy sector, water and wastewater utilities, and unspecified “government facilities.” According to the agencies, the hackers have targeted programmable logic controllers (PLCs)—a type of device designed to allow digital control of physical machinery—in those facilities, including those sold by industrial tech firm Rockwell Automation, with the apparent intention of sabotaging their systems.

By compromising those PLCs, the advisory warns, the hackers sought to change information on the displays of industrial control systems, which can in some scenarios cause system downtime, damage, or even dangerous conditions. “In a few cases, this activity has resulted in operational disruption and financial loss,” it reads.

When WIRED reached out to Rockwell Automation, a company spokesperson responded in a statement that it “takes seriously the security of its products and solutions and has been closely coordinating with government agencies in connection with” Tuesday's advisory, and pointed to documents it has published for customers on how to better secure their PLCs.

Though the advisory doesn’t specify a particular group responsible for the hacking campaign, it notes that the attacks are similar to those carried out in by the Iran-linked group known as CyberAv3ngers, or the Shahid Kaveh Group, starting in late 2023. That team of hackers, believed to work in the service of the Iranian Revolutionary Guard Corps, inflicted several waves of attacks against Israeli and US targets in recent years, including gaining access to more than a hundred devices sold by industrial control system technology firm Unitronics and most commonly used in water and wastewater utilities.

This is a developing story, please check back for updates.

Explore topics: iranian hackers industrial control systems rockwell automation programmable logic controllers critical infrastructure
Related:
Iranian hackers are targeting American critical infrastructure, U.S. agencies warn
Iranian hackers are targeting American critical infrastructure, US agencies warn
US warns of Iranian hackers targeting critical infrastructure
Source Code Leaks Highlight Lack of Supply Chain Oversight
Claude Source Code Leak Highlights Big Supply Chain Missteps

© 2026 GoKawiil

About | Editorial Policy | Contact