Iranian-linked threat actors are actively seeking to exploit vulnerabilities in internet-facing operational technology components of U.S. critical infrastructure entities, the Cybersecurity and Infrastructure Security Agency (CISA) and several other U.S. federal intelligence agencies warned in an advisory published April 7.

The advisory specifically warns that Iranian-linked threat actors are targeting programmable logic controllers made by U.S. software manufacturer Rockwell Automation, which critical infrastructure providers use to automate manufacturing processes. Iranian-linked threat actors have carried out a range of cyberattacks since the Middle East conflict began on Feb. 28. Despite their high risk tolerance, Iranian threat actors have carried out only a few notable cyberattacks, including a campaign targeting U.S. medical supplier Stryker on March 11 that wiped data from systems and disrupted business operations for over a week.

RANE
SUBSCRIBERS ONLY

Expert analysis when it matters most.

Get access to RANE's decision-grade geopolitical intelligence.

Subscribe now