The article reports that multiple US critical infrastructure organizations have recently suffered operational disruptions from Iran-linked cyberattacks aimed at operational technology rather than traditional IT systems. Citing a joint warning from the FBI, CISA, NSA, EPA, DOE, and US Cyber Command, SecurityWeek says the attackers targeted internet-exposed programmable logic controllers, especially Rockwell Automation / Allen-Bradley devices, across sectors including municipal services, water and wastewater, and energy. The advisory says the intrusions involved malicious changes to project files and manipulation of data shown on HMI and SCADA displays, creating real-world disruption and prompting federal agencies to urge organizations to review indicators of compromise and mitigation guidance immediately.

The piece also connects the activity to earlier Iran-linked campaigns associated with CyberAv3ngers, a group tied to Iran’s Islamic Revolutionary Guard Corps that has previously targeted water-sector infrastructure in the United States and abroad. SecurityWeek places the new advisory within a broader pattern of escalating Iranian cyber operations, noting recent US government action against Handala and other Tehran-linked actors, as well as evidence of expanded supporting infrastructure intended to sustain future campaigns. The overall message of the article is that this is not an isolated OT incident but part of a wider strategic push, and that operators of exposed industrial devices should assume they may be targeted unless they harden and review their environments now.

‍

Source: https://www.securityweek.com/iran-linked-hackers-disrupt-us-critical-infrastructure-via-plc-attacks/