Iranian hacking campaigns targeting equipment used across multiple US critical infrastructure sectors are escalating in response to hostilities, US cybersecurity, law enforcement, and intelligence agencies said on Tuesday.
The hackers are targeting publicly exposed programmable logic controllers and supervisory control and data acquisition displays, according to the advisory. The targeted devices are used to interact with or control certain critical infrastructure-related equipment and systems, the advisory said.
The hackers are seeking to cause “disruptive effects within the United States,” according to the advisory. “In a few cases, this activity has resulted in operational disruption and financial loss."
The warning comes as President Donald Trump warned that “a whole civilization will die tonight” if Iran fails to make a deal with the US, while Iran said it would attack additional infrastructure targets across its Gulf neighbors.
In some cases, the hackers interacted with data files in the systems to alter display data, while also extracting device project data, according to the advisory.
Targets of Iran's hacking operations
The hacking operations targeted unnamed critical infrastructure organizations in the government services and facilities, water and wastewater systems, and energy sectors, according to the advisory.
The advisory was issued by the FBI, the National Security Agency, the Cybersecurity and Infrastructure Security Agency, the Environmental Protection Agency, the Department of Energy, and US Cyber Command’s Cyber National Mission Force.
The FBI declined additional comment.