Business · Wired
“The Unitronics attacks demonstrated the IRGC does have industrial control systems hacking capabilities,” confirms Grant Geyer
Compiled by KHAO Editorial — aggregated from 1 outlet.
“If you look at the IRGC playbook, they know they can't compete on the traditional military field.”
Key facts
- “The Unitronics attacks demonstrated the IRGC does have industrial control systems hacking capabilities,” says Grant Geyer, Claroty’s chief strategy officer
- Though the advisory doesn’t specify a particular group responsible for the hacking campaign, it notes that the attacks are similar to those carried out in by the Iran-linked group known
- In that hacking campaign, CyberAv3ngers set the names of the Unitronics devices to read “Gaza”—in a reference to Israel’s invasion of the territory in retaliation for Hamas’s October 7 attacks—and
- If you look at the IRGC playbook, they know they can't compete on the traditional military field
Summary
As US President Donald Trump threatens wholesale demolition of Iran's infrastructure in the midst of an escalating war, Iran now appears to have already reciprocated with its own form of infrastructure sabotage: A hacking campaign hitting industrial control systems across the United States, including energy and water utilities, that US agencies say has had disruptive and costly effects. In a joint advisory published Tuesday, a group of US agencies including the FBI, the National Security Agency, the Department of Energy, and the Cybersecurity and Infrastructure Security Agency warned that a group of hackers affiliated with the Iranian government has targeted industrial control devices used in a series of critical infrastructure targets including in the energy sector, water and wastewater utilities, and unspecified “government facilities.”
By compromising those PLCs, the advisory warns, the hackers sought to change information on the displays of industrial control systems, which can in some scenarios cause system downtime, damage, or even dangerous conditions. “It’s well documented that Iranian actors target industrial control systems and see them as a nexus to apply pressure,” says Rob Lee, the co-founder and CEO of Dragos, a cybersecurity firm that focuses on industrial control systems, who says that his firm has responded to multiple incidents targeting industrial systems since the war against Iran began last month. When WIRED reached out to Rockwell Automation, a company spokesperson responded that it “takes seriously the security of its products and solutions and has been closely coordinating with government agencies in connection with” Tuesday's advisory, and pointed to documents it has published for customers on how to better secure their PLCs.