Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

FBI: Iran-Linked Attackers Targeting Critical Infrastructure OT Devices

CRN by CRN
April 7, 2026
Home News
Share on FacebookShare on Twitter


The threat actors are ‘conducting exploitation activity’ targeting operational technology (OT) devices from manufacturers including Rockwell Automation, according to an advisory from the FBI and other agencies.

A cyberattack campaign linked to Iran is attempting to compromise U.S. critical infrastructure through targeting operational technology (OT) devices, according to an advisory Tuesday from the FBI and other federal agencies.

The advisory from the FBI, CISA, NSA and other agencies indicated that Iran-linked threat actors are “conducting exploitation activity” targeting internet-facing OT devices from manufacturers including Rockwell Automation.

[Related: With Iran Cyberthreat Growing, CMMC Isn’t Looking So Crazy: Analysis]

The targeted devices include programmable logic controllers (PLCs) made by Rockwell Automation-owned Allen-Bradley, the advisory said.

The attacks from Iran-linked advanced persistent threat (APT) actors have “led to PLC disruptions across several U.S. critical infrastructure sectors,” the agencies said in the advisory.

The threat actors’ “malicious interactions” with project files and manipulation of data have led to “operational disruption and financial loss,” according to the advisory.

In a statement provided to CRN, Rockwell Automation said that it “takes seriously the security of its products and solutions and has been closely coordinating with government agencies in connection with the Joint Cybersecurity Advisory” released Tuesday.

Rockwell Automation also pointed to several of its own advisories, including recommendations released March 20 with guidance around disconnecting devices from the internet.

“Rockwell Automation has become aware of potential threat actor activity targeting Rockwell Automation controllers,” the company said in the March 20 advisory.

In the joint advisory issued Tuesday by the FBI and other agencies, recommendations included removing PLCs from direct internet exposure, querying logs for IOCs (indicators of compromise) provided in the advisory and placing the physical mode switch for Rockwell Automation devices into the “run” position.

In terms of the recent campaigns targeting U.S. critical infrastructure, the agencies have assessed that Iran-linked APT actors are “conducting this activity to cause disruptive effects within the United States,” the advisory said. “The group has targeted devices spanning multiple U.S. critical infrastructure sectors, including Government Services and Facilities (to include local municipalities), Water and Wastewater Systems (WWS), and Energy Sectors.”

The agencies noted that they had previously disclosed findings of “similar activity targeting PLCs” by CyberAv3ngers, also known as Shahid Kaveh Group, which is a threat actor “affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC) Cyber Electronic Command (CEC).”



Source link

Tags: CyberattacksCybersecuritynetwork security
CRN

CRN

Next Post
30 Notable IT Executive Moves: March 2026

30 Notable IT Executive Moves: March 2026

Recommended.

ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

July 10, 2025
ZTE CDO Cui Li Highlights Efficient and Green AI as a Driver of SDGs Progress at AI for Good Global Summit

ZTE CDO Cui Li Highlights Efficient and Green AI as a Driver of SDGs Progress at AI for Good Global Summit

July 11, 2025

Trending.

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

April 21, 2026
AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

January 30, 2026
Anthropic’s 5 Huge Hires From OpenAI, Google, Microsoft And xAI In 2026

Anthropic’s 5 Huge Hires From OpenAI, Google, Microsoft And xAI In 2026

July 7, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio