Iranian hackers are breaching U.S. industrial systems, agencies warn

U.S. federal agencies say Iran-affiliated hackers have accessed internet-facing industrial control tools and caused reported disruptions across government services, water and wastewater, and energy sectors; the overall scope and severity remain unclear.

U.S. federal agencies issued a joint advisory reporting that Iran-affiliated advanced persistent threat actors have been breaking into industrial control systems in the United States. The advisory says the intrusions have targeted internet-facing tools made by Rockwell Automation and have affected government services, water and wastewater systems, and the energy sector. The notice was co-authored by CISA, the FBI, the NSA, the Department of Energy, and U.S. Cyber Command. Officials reported operational disruption and financial loss for some victims, but they did not provide a full accounting of damage. Key points: - A joint advisory from CISA, FBI, NSA, Department of Energy, and U.S. Cyber Command reported Iran-affiliated APT actors accessing U.S. industrial control systems. - Agencies said intrusions touched government services, water and wastewater, and energy sectors and led to reported operational disruption and financial loss, while overall severity was not detailed. - The advisory identified internet-facing Rockwell Automation tools as compromise points and did not name specific affected companies. Summary: Federal agencies warn the reported intrusions have caused operational and financial impacts across multiple infrastructure sectors, but did not quantify the full extent or name affected firms. The advisory linked the activity to Iran-affiliated APT actors and noted Rockwell Automation internet-facing tools as an entry vector. Undetermined at this time.