Iran-linked cyberattacks have disrupted multiple U.S. critical infrastructure sectors by targeting operational technology devices and internet-exposed PLCs. Federal agencies warn the activity manipulates HMI/SCADA project files and data, and they urge immediate review of IOCs and mitigations. #CyberAv3ngers #Handala
Key points
- Iran-linked attackers disrupted U.S. critical infrastructure by targeting operational technology (OT) devices across multiple sectors.
- Federal agencies warn that internet-exposed programmable logic controllers (PLCs), especially Rockwell Automation/Allen-Bradley models, are being actively targeted.
- Attackers manipulated project files and altered data shown on HMI and SCADA displays, causing operational disruptions.
- Agencies noted similarities to CyberAv3ngers activity, which reportedly used ChatGPT for ICS reconnaissance and exploitation.
- Authorities published IOCs and mitigation recommendations and urged organizations to review their networks for signs of compromise without delay.
Read More: https://www.securityweek.com/iran-linked-hackers-disrupt-us-critical-infrastructure-via-plc-attacks/