🤢 UGLY - Iranian APTs confirmed inside U.S. water, energy, and government infrastructure - They'...

Iranian APT actors have confirmed access inside U.S. water, energy, and government infrastructure with ability to manipulate SCADA displays and hide their presence from operators. Activity has escalated since March 2026 with documented disruptions and financial losses. This is an active persistent threat to critical national infrastructure.

CRITICALAdvisoryApr 12, 2026

Action required

Immediately hunt for SCADA display anomalies, unauthorized remote access, and lateral movement in ICS/SCADA environments. Correlate network logs for command and control traffic to Iranian threat actor IOCs published by CISA. Verify integrity of HMI and operator dashboards across all critical infrastructure systems.

Affected products

CISA

Linked articles

🤢 UGLY - Iranian APTs confirmed inside U.S. water, energy, and government infrastructure - They'...

Source links

https://x.com/SentinelOne/status/2042709886879072455