Joint advisory documents active exploitation of Rockwell PLCs across energy, water, and manufacturing sectors.
CISA, FBI, NSA, EPA, DOE, and US Cyber Command issued a joint advisory warning that Iran-affiliated APT actors are actively exploiting Rockwell Automation/Allen-Bradley programmable logic controllers across U.S. critical infrastructure. The advisory documents malicious activity targeting internet-facing PLCs in energy, water, and manufacturing sectors.
Operators of industrial control systems should immediately audit their PLC deployments, remove internet-facing devices where possible, and implement network segmentation controls outlined in the joint advisory.
Facilities running Rockwell PLCs in operational technology environments must treat this as an urgent priority—nation-state actors targeting industrial control systems can cause physical damage beyond data theft.
Sources
CISA Warns of Iranian Hackers Targeting US Industrial Control Systems
CISA Urges Critical Infrastructure to Secure PLCs from Iran Hackers
More from Data Privacy & Cybersecurity Browse all →
Adobe Acrobat Zero-Day Under Active Exploitation, Three Agencies Warn
April 18, 2026
CISA Warns Critical ICS Flaws Expose SQL Credentials in Mitsubishi, ICONICS Products
April 13, 2026
Russian APT28 Hijacks Routers to Steal Government Passwords
April 12, 2026
CISA Warns of Actively Exploited Fortinet Vulnerability Affecting Enterprises
April 10, 2026
Get the briefing in your inbox
The top regulatory stories, delivered daily. No noise.
Free. Unsubscribe anytime.