Iranian hacking campaigns targeting equipment used across multiple US critical infrastructure sectors are escalating in response to US-Israel attacks on Iran, US cybersecurity, law enforcement and intelligence agencies have said.
The hackers are targeting publicly exposed programmable logic controllers and supervisory control and data acquisition displays, according to the advisory on Tuesday.
The targeted devices are used to interact with or control certain critical infrastructure-related equipment and systems, the advisory said.
The hackers are seeking to cause “disruptive effects within the United States", according to the advisory.
“In a few cases, this activity has resulted in operational disruption and financial loss."
The warning comes as President Donald Trump warned that “a whole civilisation will die tonight” if Iran fails to make a deal with the US, while Iran said it would attack additional infrastructure targets across its Gulf neighbours.
In some cases, the hackers interacted with data files in the systems to alter display data, while also extracting device project data, according to the advisory.
The hacking operations targeted unnamed critical infrastructure organisations in the government services and facilities, water and wastewater systems and energy sectors, according to the advisory.
The advisory was issued by the FBI, the National Security Agency, the Cybersecurity and Infrastructure Security Agency, the Environmental Protection Agency, the Department of Energy and US Cyber Command’s Cyber National Mission Force.
Last month, hackers purportedly affiliated with Iran accessed FBI Director Kash Patel's personal emails and posted photos and documents taken from his account.
A hacking group also carried out a cyberattack that interfered with operations at a major US medical device company.
At the time, the group claimed the attack was in retaliation for a missile strike on an elementary school in Iran.
