techjacksolutions.com • 3w
Iran-Linked MuddyWater Actors Compromising Rockwell Automation PLCs in U.S. Critical Infrastructure
Iranian state-sponsored group MuddyWater, affiliated with the Ministry of Intelligence and Security, is actively targeting U.S. critical infrastructure by exploiting internet-exposed Rockwell Automation Programmable Logic Controllers (PLCs). The attackers leverage these exposed OT interfaces to deploy SSH backdoors for persistent access. Once established, they manipulate SCADA display data to deceive industrial operators, masking the actual state of physical processes within the water, energy, and government sectors. This activity, detailed in CISA/FBI Joint Advisory AA26-097A, represents a direct effort to facilitate operational disruptions through the manipulation of Industrial Control Systems (ICS).