U.S. federal agencies have issued an urgent advisory warning that Iran-affiliated hackers are actively targeting critical American energy and water infrastructure by exploiting Rockwell Automation programmable logic controllers.

Key Points

• CISA, the FBI, and the NSA report that hackers are targeting internet-connected programmable logic controllers used in electricity and water systems.
• The advisory follows recent cyberattacks, including a breach of medical equipment company Stryker by the Iran-linked group Handala.
• Officials recommend removing controllers from direct internet exposure and implementing secure firewalls to prevent unauthorized access.
• Administrators are urged to monitor logs for suspicious traffic from overseas hosting providers and contact Rockwell Automation for security guidance.
• The warning comes amid heightened geopolitical tensions and a proposed $707 million budget cut for CISA in the 2027 fiscal year.

Why it Matters

These cyberattacks represent a significant escalation in the conflict between the U.S. and Iran, threatening the stability of essential public services. The vulnerability of industrial control systems poses a direct risk to the safety and daily operations of critical infrastructure sectors across the country.