US authorities warn that Iranian hackers are targeting US critical infrastructure

The U.S. government has warned that Iranian-backed hackers are escalating their tactics by targeting U.S. critical infrastructure systems in an effort to cause chaos.

In a joint advisory released Tuesday, the FBI, National Security Agency, U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. Department of Energy jointly warned that Iranian government hackers are exploiting internet-connected systems used in a wide range of sectors. These include water and wastewater facilities, energy and municipal facilities. Officials did not name specific targets, but said the hack was aimed at causing “a devastating impact within the United States” and had already caused “business disruption and economic loss.”

The hackers targeted programmable logic controllers and supervisory control and data acquisition (SCADA) products used to control and manage industrial equipment and systems in critical infrastructure operations, the agency said. The hackers were able to manipulate the information displayed on these devices and maliciously manipulate project files that store critical device configurations, the agency said.

The government agency said the hack targeting critical infrastructure was a notable escalation in tactics by Iranian hackers and likely a response to the U.S.-Israel war against Iran, which began with the airstrike that killed the country’s leader on February 28.

The advisory also comes shortly after U.S. President Donald Trump threatened Iran in a social media post early Tuesday, saying that “tonight, the entire civilization will perish” if Iran does not bow to a deal with the United States that would open the Strait of Hormuz, a key barrier for global shipping traffic, by the end of the day.

Since the start of the war, an Iranian state-backed hacker group called Handara has been implicated in several high-profile cyberattacks, including a devastating breach at US medical technology giant Stryker. In the attack, hackers used the company’s proprietary security tools to remotely wipe thousands of employee devices.

The FBI recently accused Handara Hacker of leaking some of the contents of FBI Director Kash Patel’s private email account.

Iran has also attacked multiple U.S.-owned and operated data centers in the region with missiles and airstrikes, causing instability and disruption to cloud services across the region.