US agencies have warned that Iranian hackers are targeting US critical infrastructure

The US government warns that Iranian-backed hackers are escalating their tactics by targeting US critical infrastructure systems with the goal of causing disruption.

In a joint advisory published on Tuesday, the FBI, National Security Agency, U.S. Cybersecurity Agency and the U.S. Department of Energy collectively warned that Iranian government hackers are exploiting cyber-facing systems used in a range of sectors. These include water, wastewater, energy, and local government utilities. The agencies did not specifically name any of the targets, but said the hacks were intended to cause “disruptive effects within the United States” and had already resulted in “operational disruption and financial loss.”

The agencies said the hackers targeted programmable logic controllers and supervisory control and data acquisition (SCADA) products, which are used to control and manage industrial equipment and systems in critical infrastructure operations. The agencies said the hackers were able to manipulate the information displayed on these devices, and maliciously interact with project files that store important device configurations.

The agencies said the hacks targeting critical infrastructure represent a marked escalation in Iranian hackers’ tactics, likely in response to the US-Israel war with Iran, which began on February 28 with air strikes that killed the country’s leader.

The advice also comes shortly after US President Trump threatened Iran in a social media post earlier on Tuesday, writing: “An entire civilization will die tonight” if Iran does not surrender to a deal with the US to open the Strait of Hormuz, a key corridor for global shipping traffic, by the end of the day.

Since the start of the war, an Iranian government-backed hacking group called Handala has been linked to several high-profile cyberattacks, including the disruptive hack of US medical technology giant Stryker, which saw hackers remotely wipe thousands of employee devices using the company’s security tools.

The FBI recently blamed Handala hackers for leaking partial contents of FBI Director Kash Patel’s private email account.

Iran also hit several US-owned and operated data centers across the region with missiles and airstrikes, causing instability and disrupting cloud services across the region.