"The FBI, Cybersecurity and Infrastructure Security Agency, National Security Agency, Environmental Protection Agency, Department of Energy, and US Cyber Command urgently warned that the APT is targeting PLCs, which provide an interface between computers used for automation and physical machinery."
"Since at least March 2026, the authoring agencies identified an Iranian-affiliated APT-group that disrupted the function of PLCs deployed across multiple US critical infrastructure sectors, leading to operational disruption and financial loss."
"A security firm identified 5,219 Rockwell Automation PLCs exposed to the Internet, with 75 percent located in the US, indicating a significant vulnerability in critical infrastructure."
Hackers linked to the Iranian government are actively disrupting operations at multiple US critical infrastructure sites, particularly targeting programmable logic controllers (PLCs). These devices are crucial in various industrial settings, including factories and water treatment centers. The FBI and other agencies have reported that since March 2026, this advanced persistent threat group has caused operational disruptions and financial losses across sectors such as Government Services, Waste Water Systems, and Energy. A significant number of PLCs, particularly those from Rockwell Automation, are exposed to the Internet, with many located in remote areas.
Read at Ars Technica
Unable to calculate read time
Collection
[
|
...
]