{"id":317645,"date":"2026-04-12T20:42:25","date_gmt":"2026-04-12T15:12:25","guid":{"rendered":"https:\/\/ebiztoday.news\/?p=317645"},"modified":"2026-04-12T20:42:25","modified_gmt":"2026-04-12T15:12:25","slug":"iran-linked-hackers-disrupt-operations-at-us-critical-infrastructure-sites","status":"publish","type":"post","link":"https:\/\/ebiztoday.news\/index.php\/2026\/04\/12\/iran-linked-hackers-disrupt-operations-at-us-critical-infrastructure-sites\/","title":{"rendered":"Iran-linked hackers disrupt operations at US critical infrastructure sites"},"content":{"rendered":"<div>\n<p>Hackers working on behalf of the Iranian government are disrupting operations at multiple US critical infrastructure sites, likely in response to the country\u2019s ongoing war with the US, a half-dozen government agencies are warning.<\/p>\n<p>In an advisory published Tuesday, the FBI, Cybersecurity and Infrastructure Security Agency, National Security Agency, Environmental Protection Agency, Department of Energy, and US Cyber Command \u201curgently\u201d warned that the APT, or advanced persistent threat group, is targeting PLCs, short for programmable logic controllers. These devices, typically the scale of a toaster, sit in factories, water treatment centers, oil refineries, and other industrial settings, often in distant locations. They supply an interface between computers used for automation and physical machinery.<\/p>\n<h2>Operational disruption and financial loss<\/h2>\n<p>\u201cSince a minimum of March 2026, the authoring agencies identified (through engagements with victim organizations) an Iranian-affiliated APT-group that disrupted the function of PLCs,\u201d the <a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa26-097a\">advisory<\/a> stated. \u201cThese PLCs were deployed across multiple US critical infrastructure sectors (including Government Services and Facilities, Waste Water Systems (WWS), and Energy sectors) inside a wide selection of business automation processes. A number of the victims experienced operational disruption and financial loss.\u201d<\/p>\n<p>Among the many PLCs being compromised or targeted are those made by Rockwell Automation\/Allen-Bradley. Security firm Censys <a href=\"https:\/\/censys.com\/blog\/iranian-affiliated-apt-targeting-rockwell-allen-bradley-plcs\/\">said Wednesday<\/a> that an Web scan it performed identified 5,219 such devices exposed to the Web. A full 75 percent of them were positioned within the US and certain in far-off locations where equipment is positioned. The infrastructure getting used to focus on the devices is a \u201csingle multi-home Windows engineering workstation running the Rockwell tool chain.\u201d<\/p>\n<\/p><\/div>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers working on behalf of the Iranian government are disrupting operations at multiple US critical infrastructure sites, likely in response to the country\u2019s ongoing war with the US, a half-dozen government agencies are warning. In an advisory published Tuesday, the FBI, Cybersecurity and Infrastructure Security Agency, National Security Agency, Environmental Protection Agency, Department of Energy, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":317646,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[4744,12639,5110,5298,50533,2212,6204],"class_list":["post-317645","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-critical","tag-disrupt","tag-hackers","tag-infrastructure","tag-iranlinked","tag-operations","tag-sites"],"aioseo_notices":[{"message":"The permalink for this post just changed! This could result in 404 errors for your site visitors.","status":"warning","options":{"id":"0a2ae5f84bc2c0423042ed7ec22d2e40","isDismissible":true,"actions":[{"url":"https:\/\/ebiztoday.news\/wp-admin\/admin.php?page=aioseo-redirects","label":"Add Redirect to improve SEO","class":"aioseo-redirects-slug-changed"}]},"allowedContexts":["posts"]}],"_links":{"self":[{"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/posts\/317645","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/comments?post=317645"}],"version-history":[{"count":2,"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/posts\/317645\/revisions"}],"predecessor-version":[{"id":317648,"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/posts\/317645\/revisions\/317648"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/media\/317646"}],"wp:attachment":[{"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/media?parent=317645"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/categories?post=317645"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ebiztoday.news\/index.php\/wp-json\/wp\/v2\/tags?post=317645"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}