CISA Alert: Iranian APT Targeting US Critical Infrastructure PLCs

Details

Joint CISA/FBI/NSA/EPA/DOE/CNMF advisory. Since March 2026, Iranian-affiliated APT has been manipulating internet-facing PLCs across Government Services, Water/Wastewater, and Energy sectors. Using overseas IPs with Studio 5000 Logix Designer to connect to PLCs, tamper with HMI/SCADA displays, and modify project files. Multiple victims experienced operational disruption and financial loss.