Iranian Hackers Targeting US Critical Infrastructure, Feds Warn

Attacks on power grids, water systems escalate amid tensions with Iran

Apr. 8, 2026 at 6:04am

Got story updates? Submit your updates here. ›

A highly detailed, glowing 3D illustration of the control panel of a water treatment plant, with neon cyan and magenta lights illuminating the complex array of pipes, valves, and digital displays, conceptually representing the threat of cyberattacks on physical infrastructure.As tensions escalate between the U.S. and Iran, a wave of targeted cyberattacks on critical American infrastructure exposes the vulnerability of aging, digitally-connected systems.Oldsmar Today

The FBI, NSA, and CISA have issued a joint advisory warning about an uptick in cyberattacks from Iranian-linked hackers targeting critical American infrastructure like energy grids and water treatment facilities. The agencies attribute these escalating digital assaults to rising tensions between the U.S., Israel, and Iran.

Why it matters

The threat of Iranian hackers disrupting essential services that millions of Americans rely on daily underscores the vulnerability of aging infrastructure systems to remote digital attacks. Even brief outages at water treatment plants or power grids could have severe consequences, especially for hospitals, emergency services, and vulnerable populations.

The details

The advisory notes that Iranian state-sponsored groups are increasingly focused on infiltrating industrial control systems that manage the operations of water, electricity, and other critical utilities. Attackers seek to exploit exposed login portals, unpatched software flaws, or trick employees into clicking on malicious links to gain access. Once inside, they can monitor systems, steal data, or in extreme cases, directly manipulate equipment.

  • The joint warning was issued in early April 2026.
  • In 2021, a hacker accessed a water treatment plant in Oldsmar, Florida and attempted to raise sodium hydroxide levels to dangerous amounts.

The players

FBI

The Federal Bureau of Investigation, one of the three U.S. agencies that issued the joint advisory.

NSA

The National Security Agency, one of the three U.S. agencies that issued the joint advisory.

CISA

The Cybersecurity and Infrastructure Security Agency, one of the three U.S. agencies that issued the joint advisory.

Iranian state-sponsored groups

Hacker groups operating with the support or direction of the Iranian government, according to U.S. agencies.

Trump administration

The previous U.S. presidential administration that openly threatened Iranian infrastructure with potential counteractions.

Got photos? Submit your photos here. ›

What they’re saying

“This is what actual warfare looks like now. No missiles, just someone sitting in a server room somewhere trying to turn off the lights in Cleveland.”

— packets_and_politics, Reddit user

“The scariest part isn't even the hackers. It's knowing that so much of our infrastructure is running on software from 2003 that was never meant to be connected to the internet.”

— infrasec_eng, Reddit user

What’s next

The CISA is expected to release more detailed technical guidance for infrastructure operators in the coming weeks, clarifying the most vulnerable systems and necessary software patches. Lawmakers may also reignite discussions around mandatory cybersecurity standards for water utilities, especially if a successful attack occurs soon.

The takeaway

This advisory underscores the critical need to modernize aging infrastructure systems and bolster their defenses against evolving digital threats. As physical and cyber security become increasingly intertwined, securing the essential services that communities rely on daily must be a top priority.