In us news developments on Tuesday, multiple federal agencies warned that Iran’s hackers are actively breaking into industrial control systems in the United States. The advisory says the intrusions are tied to an ongoing attempt to disrupt American infrastructure, with victims spanning government services, water and wastewater services, and the energy sector.
The warning is the first public notice of this kind since the war with Iran began in February. the activity has already led to disruptions across several U. S. critical infrastructure sectors, though it remains unclear whether any of the disruptions are significant.
What federal agencies said
The joint advisory was issued by the Cybersecurity and Infrastructure Security Agency, the FBI, the National Security Agency, the Energy Department, and U. S. Cyber Command. It identifies the hackers as Iran-affiliated advanced persistent threat actors, a label used for sophisticated groups that often operate with state backing.
The agencies said the hackers are compromising internet-facing tools made by Rockwell Automation, a Milwaukee-based maker of industrial control systems. They have also been breaking into Rockwell’s Studio 5000 Logix Designer, a customizable program used to control industrial systems. Rockwell did not immediately respond to a request for comment.
Operational disruption and financial loss
The advisory does not name the companies that were hit or spell out how severe the effects have been. Even so, it says the intrusions have caused operational disruption and financial loss for victims, underscoring the pressure on systems that support core services.
Federal agencies recommended taking vulnerable internet-connected controllers offline. The warning shows how quickly the risk has moved from theory to active intrusion, with the focus now on systems that sit directly inside critical infrastructure operations.
In the middle of the latest us news alerts, officials also pointed to earlier activity tied to American water and wastewater systems. They said hackers working for the Islamic Revolutionary Guard Corps had used similar tactics in late 2023, including a campaign that broke into at least 75 devices.
Immediate reaction and wider context
The advisory comes amid rapidly escalating tensions between the United States and Iran. On Tuesday morning, President Donald Trump threatened that “a whole civilization will die tonight” if Iran does not agree to a deal that would reopen the Strait of Hormuz.
Officials also said the Pentagon has given Trump a list of infrastructure targets used by both Iran’s military and its civilian populace if he chooses to order an attack. Since the war started in February, Iran has publicly claimed evidence for only one significant cyberattack against a U. S. company, an attack on a Michigan medical tech company called Stryker.
What happens next
For now, the federal warning points to a broad defensive push around exposed industrial systems and a growing concern that attacks could spread across more sectors. The agencies’ guidance to remove vulnerable internet-connected controllers from service suggests the next phase will center on hardening networks before the intrusions deepen. In this fast-moving us news story, the immediate question is whether operators can contain the impact before more critical systems are affected.
