Nation-state
Apr 8, 2026
Iranian Threat Actors Disrupt US Critical Infrastructure Via Exposed PLCs
Iranian threat actors disrupted US critical infrastructure by compromising exposed programmable logic controllers.
Summary
Iranian state-sponsored attackers exploited Internet-facing programmable logic controllers (PLCs) to compromise US critical infrastructure systems across multiple sectors. The intrusions resulted in file and display manipulation, operational disruption, and financial losses. The attack highlights the persistent threat from nation-state actors targeting vulnerable OT/ICS environments.
Indicators of Compromise
- mitre_attack — T1190
- mitre_attack — T1657
Entities
- Iranian state-sponsored actors (threat_actor)
- Programmable Logic Controllers (PLCs) (technology)
- OT/ICS (Operational Technology / Industrial Control Systems) (technology)