Iran-backed hackers are increasingly targeting American critical infrastructure, U.S. agencies warn, in what experts say is a concerning escalation of cyber threats. The FBI, National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Department of Energy issued a joint advisory Tuesday detailing the attacks on essential systems across the United States.
The hackers are exploiting internet-facing systems in sectors such as water and wastewater utilities, energy facilities, and local government operations. While the advisory did not name specific targets, the agencies confirmed that these attacks have already caused operational disruptions and financial losses, highlighting the growing sophistication of state-backed cyber campaigns.
Key targets include programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) systems, which manage industrial operations and critical infrastructure functions. According to U.S. officials, hackers have manipulated information on these devices and tampered with project files containing vital configurations, raising concerns about potential physical and digital disruptions.
Officials say the attacks represent a sharp escalation in Iranian tactics, likely linked to the ongoing U.S.-Israel conflict with Iran, which began with airstrikes on February 28 that killed the country’s leader. This follows recent threats from U.S. President Donald Trump over control of the Strait of Hormuz, a strategic chokepoint for global shipping.
Since the war’s onset, Iranian government-backed hacker group Handala has carried out several high-profile attacks, including wiping thousands of devices at U.S. medical technology firm Stryker and leaking partial contents of FBI Director Kash Patel’s private email account. Iran has also targeted U.S.-operated data centers in the region, disrupting cloud services and escalating tensions in both physical and digital arenas.
source: techcrunch