The US government is warning that Iranian-backed hackers are escalating their tactics by targeting US critical infrastructure systems with the aim of causing disruption.
In a joint consultation Published on Tuesday, the FBI, the National Security Agency, the US Cybersecurity and Infrastructure Security Agency (CISA) and the US Department of Energy collectively warned that Iranian government hackers are exploiting Internet-facing systems used in various sectors. These include utilities and water, as well as energy and local government facilities. The agencies did not specifically name any of the targets, but said the hacks were aimed at causing “disruptive effects in the United States” and had already led to “operational disruption and economic damage.”
The hackers targeted programmable logic controllers and supervisory control and data acquisition (SCADA) products, which are used to control and manage industrial equipment and systems in critical infrastructure operations, the agencies said. The agencies reported that hackers were able to manipulate the information displayed on these devices and maliciously interact with project files that store important device configurations.
The agencies said the hacks targeting critical infrastructure were a marked escalation in tactics by Iranian hackers, likely in response to the US-Israeli war with Iran, which began on February 28 with airstrikes that killed the country’s leader.
The advice also comes shortly after US President Donald Trump’s threat to Iran post on social media earlier on Tuesday, writing, “An entire civilization will die tonight” if Iran is not capitulating on a deal with the United States to open the Straits of Hormuz, a key choke point for global shipping traffic, by the end of the day.
Since the start of the war, an Iranian government-backed hacking group called Handala has been linked to several high-profile cyberattacks, including a botched breach at US medical technology giant Stryker that saw hackers remotely wipe thousands of employee devices using the company’s own security tools.
The FBI recently blamed the Handala hackers for leaking the partial contents of FBI Director Kash Patel’s private email account.
Techcrunch event
San Francisco, California
|
13-15 October 2026
Iran has also hit several US-owned and operated data centers across the region with missiles and airstrikes, causing instability and disruption to cloud services across the region.
