Apr 10, 2026 • Sergiu Gatlan
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
Executive Summary
Iranian-linked threat actors are actively targeting nearly 4,000 Internet-exposed programmable logic controllers (PLCs) manufactured by Rockwell Automation across U.S. critical infrastructure networks. These industrial control systems represent a significant attack surface due to their direct connectivity to operational technology environments. State-sponsored actors are leveraging these exposed PLCs to gain initial access, potentially enabling espionage, data collection, or disruptive operations against power grids, water systems, and manufacturing facilities. Organizations should immediately audit Internet-facing industrial devices, implement network segmentation between IT and OT environments, enforce strict access controls, and deploy monitoring solutions for anomalous PLC communications. Prioritizing the remediation of exposed operational technology assets is critical to mitigating this nation-state threat.
Summary
The attack surface targeted by Iranian-linked hackers in cyberattacks against U.S. critical infrastructure networks includes thousands of Internet-exposed programmable logic controllers (PLCs) manufactured by Rockwell Automation. [...]
Linked Entities
- Iranian-linked hackers