WASHINGTON (SourceRated) — The U.S. government issued a cybersecurity warning Thursday after multiple industrial facilities reported operational disruptions linked to suspected Iranian state-backed hackers. The attacks targeted critical infrastructure sectors, including manufacturing and energy, according to federal officials familiar with the incidents.
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed it was investigating “coordinated attempts to compromise industrial control systems” but declined to name affected companies. Analysts noted the timing coincides with heightened U.S.-Iran tensions over nuclear negotiations and regional conflicts.
“This fits Iran’s pattern of retaliatory cyber operations during diplomatic friction,” said a former NSA official now with the Atlantic Council, speaking anonymously to discuss sensitive intelligence. Iranian state media has not acknowledged the alleged attacks.
Industrial cybersecurity firm Dragos reported detecting similar malware to tools previously used by Iranian APT groups like “Chrysene” and “Hexane.” The malware appears designed to manipulate physical processes in operational technology networks, though full impact assessments remain ongoing.
Experts warn such attacks could escalate if unaddressed. “Critical infrastructure has become the new battleground,” said CISA Director Jen Easterly in recent congressional testimony. The White House is reportedly weighing diplomatic responses alongside new sanctions.