U.S. Government Warns of Iranian Cyberattacks Targeting Critical Infrastructure
U.S. intelligence and cybersecurity agencies issued an urgent joint alert on Tuesday, warning that Iranian government-linked hackers are conducting disruptive cyberattacks against American energy and water infrastructure. The attacks, which have intensified since the onset of U.S.-Israel military strikes against Iran, specifically target operational technology (OT) systems, including programmable logic controllers (PLCs) from Rockwell Automation/Allen-Bradley.
The alert, issued by the FBI, NSA, CISA, EPA, Energy Department, and Cyber Command, details how Iran-affiliated advanced persistent threat (APT) actors have exploited internet-facing OT devices, leading to disruptions in critical infrastructure sectors. These attacks involve malicious interactions with project files and manipulation of human-machine interface (HMI) and supervisory control and data acquisition (SCADA) systems, resulting in operational disruptions and financial losses for victims.
Since March, the agencies have identified new victims tied to an Iranian APT group, with at least 75 devices compromised in earlier campaigns. Affected sectors include government services, water and wastewater systems (WWS), and energy. Some organizations have already experienced operational downtime due to the attacks.
This latest wave follows previous warnings about Iranian cyber threats, including a 2023 attack on a Pennsylvania water facility. Recent targets have also included major corporations like medtech firm Stryker and local government entities. Separately, the FBI had previously flagged Iranian hackers using Telegram to distribute malware, though that campaign predates the current conflict.
Stryker cybersecurity rating report: https://www.rankiteo.com/company/stryker
Rockwell Automation cybersecurity rating report: https://www.rankiteo.com/company/rockwell-automation
"id": "STRROC1775594506",
"linkid": "stryker, rockwell-automation",
"type": "Cyber Attack",
"date": "3/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"