The Cybersecurity and Infrastructure Security Agency has issued an urgent advisory warning that Iranian-linked threat actors are actively targeting US critical infrastructure including power grids, water systems, and transportation networks.
Threat Assessment
CISAs advisory identifies multiple advanced persistent threat groups (APTs) exploiting known vulnerabilities in operational technology (OT) systems. The attacks have intensified since the escalation of the Iran conflict in early 2026.
Targeted Sectors
- Energy: SCADA systems at power plants and grid operators
- Water: Municipal water treatment facilities
- Transportation: Port management and air traffic systems
- Healthcare: Hospital network infrastructure
Recommended Actions
CISA recommends all critical infrastructure operators immediately patch known vulnerabilities, implement network segmentation between IT and OT systems, enable MFA on all remote access, and monitor for indicators of compromise published in the advisory.
