Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Thousands of U.S. Industrial Controllers Exposed to Iranian Hackers, Censys Finds

The advisory says the hackers are exploiting internet-exposed controllers to alter industrial data and cause disruptions, with more than 5,200 devices found online.

  • On Wednesday, federal agencies warned that Iran-linked actors are exploiting internet-exposed Rockwell Automation/Allen-Bradley programmable logic controllers across U.S. critical infrastructure, causing operational disruptions and financial losses since March.
  • Escalating since March 2026 following U.S.-Israel hostilities, these intrusions mirror earlier campaigns by CyberAv3ngers, an Iran-linked group that targeted similar operational technology devices at water and wastewater utilities in late 2023.
  • Researchers at Censys identified more than 5,200 internet-exposed Rockwell devices globally, with nearly 3,900 based in the United States; attackers are manipulating HMI displays and extracting project files from compromised controllers.
  • Authorities urge critical infrastructure operators to immediately disconnect controllers from the public internet, enable multifactor authentication, and review logs for suspicious traffic originating from overseas hosting providers.
  • The North American Electric Reliability Corp. sent an "all-points bulletin" urging industry vigilance, with its Watch Operations team actively monitoring the grid as experts characterize these operations as a persistent asymmetric strategy by Iran-affiliated actors.
Insights by Ground AI

83 Articles

Tech SpotTech Spot
Reposted by
Cryptocurrency News | Cryptocurrency Prices | Market CapCryptocurrency News | Cryptocurrency Prices | Market Cap
Center

Iran-linked hackers are now targeting industrial controllers in US infrastructure

Federal agencies, including the FBI, CISA, NSA, the Department of Energy, US Cyber Command, and the Environmental Protection Agency, issued an urgent joint advisory Tuesday, warning that an advanced persistent threat group linked to Iran has been exploiting vulnerabilities in programmable logic controllers since at least March 2026.Read Entire Article

Read Full Article
The HillThe Hill
Center

FBI: Iran-linked hackers disrupted US oil, gas, water sites

Iran-linked hackers disrupt internet access for US oil, gas, and water companies, targeting PLC systems. FBI warns of increased cyberattacks.

·Washington, United States
Read Full Article
Straight Arrow NewsStraight Arrow News
Center

Iran-linked hackers targeting critical US energy and water infrastructure

Hackers linked to the Iranian government have been targeting critical U.S. infrastructure, resulting in operational disruption and financial loss, according to a joint U.S. government advisory. The hacking campaign started last month after the U.S. and Israel began carrying out air strikes against Iran. The advisory — issued by agencies including the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FB…

Read Full Article
Cybersecurity DiveCybersecurity Dive
Center

Iran-linked hackers target water, energy in US, FBI and CISA warn

Nation-state actors have exploited flaws in industrial programmable logic controllers, leading to disruption and financial losses.

Read Full Article
Hot NewsHot News
Lean Left

Pro-Iranian Hackers Attacked the Us Critical Infrastructure Before the Army Entered Into Force - hotnews.ro

Hackers associated with the Iranian government have targeted energy and water infrastructure in the United States after President Donald Trump launched the war against the country in the Middle East, showing a new warning issued by the Agency for Safety and Security of Infrastructure (CISA) and other agencies of the US government, reports Gizmodo. According to CISA, hackers have seen ...

·Romania
Read Full Article
Utility DiveUtility Dive
Lean Left

NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat

Hackers have disrupted critical U.S. infrastructure by targeting programmable logic controllers, the Cybersecurity and Infrastructure Security Agency warned.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 65% of the sources are Center
65% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

The Register broke the news in on Tuesday, April 7, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Iran War icon

Iran War

Cyberattacks icon

Cyberattacks

Cybersecurity icon

Cybersecurity

Hacking icon

Hacking

US Economy icon

US Economy

Infrastructure icon

Infrastructure

State-Backed Cyber Operations icon

State-Backed Cyber Operations

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal