Officials: Iran Cyber Attacks Targeting U.S. Infrastructure
U.S. intelligence agencies are warning private-sector companies throughout the nation that Iranian actors “are conducting exploitation activity” that has resulted in disruptions to U.S. critical infrastructure.
Posted by Special_Library_766@reddit | PrepperIntel | 70 comments
Found this today. Passing it along. I have no information otherwise.
Original-Fish-6861@reddit
Chances of some false flag incident prior to the midterms? Approximately 100%.
Disrupt_money@reddit
The majority of Americans already oppose America starting this war. Iran is winning the battle of opinion. Who would benefit from a cyberattack on our water? Not Iran. Israel would benefit, because it would portray Iran as the bad guys and justify an escalation of American force in Iran, likely a ground invasion with a national draft.
linniex@reddit
We can't keep blowing their shit up and killing children and NOT expect something terrible to happen to us
Disrupt_money@reddit
Iranian leadership on 4/1 clarified that their enemy is the American government, not the American people. And that the American government does not represent the American people because it is occupied by Zionists who act in Israel’s interests, not America’s.
https://x.com/drpezeshkian/status/2039418009052119190
AAPL_@reddit
CLEAR OUR DEBTS AND WE WILL OVERTHROW THE GOVERNMENT
Dr_Mantis_ToboganMD@reddit
Their actions so far aren’t enough? That’s what you’re all waiting for? All mouth, no trousers the entire country.
AAPL_@reddit
i’m sorry to have disappointed you dr tobogan
Rods-from-God@reddit
This is just the MrRobot plotline with extra steps
IcyWarp@reddit
It sounds like Fight Club as well, yeah?
Rods-from-God@reddit
MrRobot is largely Fight Club with computers and a Chinese APT and govt working in cahoots to play American politicians like a fiddle while throwing smokescreens under the cover of Iranian aggression.
So yes, but more.
fragrant-final-973@reddit
I'm ok with the extra steps vs it not happening at all.
Girafferage@reddit
It's all they have to realize lol. You know who would complain if all debts to mega-corporations were wiped? The people who USED to have a lot of money lol.
AntagonisticFetus@reddit
We’ll all be truly equal then.
fragrant-final-973@reddit
Sadly, the rich can pretend to stay rich for longer than most would think. They don't just come take all their stuff like Schitt's Creek.
thehourglasses@reddit
They can’t hide from biosphere collapse, and that bill is coming due before the end of the decade.
fragrant-final-973@reddit
Sure, I'm just saying that if the lower 99% suddenly became debt free and the economic system as we know it collapsed, the 1% will still be safe in their bunkers and compounds for a while. They'd likely just become feudal lords or some shit.
thehourglasses@reddit
My guess is that their security details would instantly merc them and it would devolve into a dog-eat-dog bloodbath with these Jason Bourne wannabes sneaking around like Solid Snake, complete with hiding in cardboard boxes.
Lazy_Resolve_9747@reddit
Remember those articles from like 10-15 years ago? One of the hypotheticals they were discussing amongst each other was having kill collars on the staff in the bunkers to prevent them from revolting. So they have some plans for this.
(I still think they would lose quickly).
fragrant-final-973@reddit
Don't threaten me with a good time.
SurgeFlamingo@reddit
Not if we bring back the guillotine
fragrant-final-973@reddit
Be the change you want to see in the world.
BrotherJebulon@reddit
What happens when we pour concrete over the doors and vents?
Serious question.
fragrant-final-973@reddit
I sure would like to know as well.
AntagonisticFetus@reddit
The world would be a better place.
The_Brem@reddit
Premise of Fight Club
Jatobi1993@reddit
To be fair, if they hacked all the banks and cleared everyone’s loans and debts I think you would see most Americans suddenly saying “you know, Iran ain’t so bad.”
fragrant-final-973@reddit
Back in the 70's they weren't... but we fixed that.
tennezzee88@reddit
good. i hope it's chaos.
EugeneStargazer@reddit
Here's hoping they can delete all the student loan and medical debt databases!
ObjectiveDark40@reddit
This article is 8 days old. Here is the relevant post from 8 days ago when this was first posted here.
https://www.reddit.com/r/PrepperIntel/comments/1sf7rs2/iranlinked_hackers_are_sabotaging_us_energy_and/
bigvicproton@reddit
Can you blame them?
recurrence@reddit
I really hope that they have water processing clamped down at this point. If not, it should be basically the highest priority.
dnhs47@reddit
“They” would be every independent water district in the country - and they absolutely do not have everything “clamped down”.
In fact, water districts are among the worst offenders at keeping ancient, highly-vulnerable digital infrastructure deployed. “If it works, don’t fix it” rules their decision making.
Since each district individually has never been shut down by cyberattacks previously, and very, very few other districts have, there’s nothing to worry about, right?
Wrong. Ancient industrial controllers that automate monitoring and flow control were deployed 30 years ago with zero thought to security. Still working? Yep! Nothing to see here, move along.
Until hundreds of water districts are hacked and shut down, and millions of people lose access to clean water, things will remain as they are: extreme vulnerability without a care in the world.
Source: years working in software security.
Phallic_Moron@reddit
I'm not worried about PLCs being infected. Maybe if we piss Israel off enough we will get another Stuxnet. If it's a software issue then that is easily rectified.
Sure, hack billing and make the site impossible to use. Whatever. Valves and controllers use PLCs because they can run for decades and be quickly fixed.
thekbob@reddit
PLCs are a prime vector for attack. They're rarely updated, so any defects in the codebase won't be fixed.
Getting back to the IT from the OT is for surveillance or white collar crime.
All they have to do is sabotage OT to call for system utilization that will cause physically damaging fail states.
A fun one, fire alarms with network addressing and call back to 911 services. Would be a bad time if you set off the sprinklers in major manufacturing facilities all at once; not only are you dumping the grossest water ever on the floor, but the water call would cause havoc on the greater distribution system.
Plenty of other examples. PLCs and downstream sensors have been a known attack vector for decades.
Phallic_Moron@reddit
PLCs don't get regular updates. That's their whole point. If a process changes then yes you get a laptop and add in the logic changes. It's extremely difficult to target and actually reach one.
My point is that industrial machinery is designed with PLCs because you don't need software to keep them online. If a Windows bug takes out the HMI or SCADA connectivity somehow, the machines will still run. Well, as long as you have power. Ha.
thekbob@reddit
I dunno what to say, but PLCs are absolutely attack vectors.
I've seen records of attacks through sensors on pipelines that compromise the entire system.
Every single thing running code that is connected to other devices in any fashion is a vector. You're insecure if you treat it otherwise (hint: most OT is grossly insecure).
GridDown55@reddit
Why aren't you worried about PLCs? Curious
Ok-Secretary455@reddit
Are you kidding? Current lead time on Allen-Bradley comms PLC units is 6-8 weeks. And most places do NOT have them sitting on the shelf in their parts room. Knock those out and you take down most manufacturing in the country.
You SHOULDN'T be able to. All networks for all machines SHOULD be air gapped from any outside network. But because managers and supervisors want to be able to sit at their house and watch lines change color from green to red so they know when something goes down. Now they open themselves up to shit like this.
You don't even have to break anything. If you can gain access just download a blank program to the PLC. Holy crap whole warehouses would be done. The only backup copy they have is 10 years old and doesn't have any of the changes that have happened since then.
Phallic_Moron@reddit
It would be easier to just gain physical access than to try and get through a remote SCADA.
You'd have to be standing in front of the PLC to upload a program. By that time just forget about it as anything could happen.
Some salient points from everyone.
dnhs47@reddit
Attack hundreds of water districts (power companies, etc., etc.) simultaneously - who’s fixing all that, simultaneously? The people running it can’t, there are limited numbers of consultants who can, and they can’t be everywhere at once.
“Software issue … easily rectified”. Words you never hear together, and for good reason 🙂🤣😭
Rods-from-God@reddit
Don't worry, AI will save us. At least that's what all the stakeholders who despise the working class claimed would come to pass when they fired an enormous chunk of the cybersecurity industry *after* Trump gutted it by removing most of the "old guard" who knew what they were doing, stripping regulations which safeguarded critical infrastructure, forfeited our telecom infrastructure to the Chinese, and held a political gun to the head of any federal contractor who hired a woman, PoC, or LGBT cybersecurity specialist.
But clearly the non-technical layman stakeholders know what they're doing, right? I may just be an unemployed senior cyber threat intelligence collections manager who hasn't had an honest interview with an honest hiring manager in over a year who has obtained enough of a solar power budget to sustain my family continuously and ways to filter and purify water for months- but clearly I did all this *just for fun*, because *AI totally has us covered, and nothing could possibly go wrong*.
dnhs47@reddit
+1 to all of that.
Bulky-Captain-3508@reddit
I feel like it wouldn't take much to isolate these systems. They can run on their own subnetwork with a firewall and server as a stop from outside access.
dnhs47@reddit
Many are field-deployed, not sitting in racks in climate-controlled IT rooms.
boogiewithasuitcase@reddit
I was in a stream yesterday and a local was telling me it was 50:50 if the wastewater plant upstream was broken and discharging sewage into it. He said you’ll know it when you smell it… this poor community has been neglected by the government for decades
recurrence@reddit
What worries me even more than lack of delivery is someone altering the chemical mix. You can kill people with surprisingly minor adjustments to those ratios.
dnhs47@reddit
Changing the chemical mix is barely harder than shutting things down, so it’s really “hacker’s choice” what they do. Poison or shutoff, easy peasy - they just need motivation.
All those reports about hackers infiltrating businesses were mapping and cataloging networks, so they already know what’s there and what they can do with it.
thekbob@reddit
Thirty years ago ... Over a decade ago.
Most stuff is late 70s to early 80s tech in the field, talking back to a Windows XP machine that already needed layers of virtualization to get the archaic software to work on that "modern" system.
Every switch and circuit in between a vector, most likely using factory default passwords.
Disrupt_money@reddit
The largest water provider in the USA was hacked in November of 2024.
https://www.ispartnersllc.com/wp-content/uploads/Timeline-of-the-cyberattack-1024x576.png
https://www.ispartnersllc.com/blog/american-water-works-cyberattack/
https://amwater.com/corp/security-faq
Own-Swan2646@reddit
https://defconfranklin.com/water_cybersec.html there is a volunteer group that's been trying to make a significant effort in this area, but quite honestly it's way too late to even have this conversation. It should have been a priority a decade ago.
IamJacksUserID@reddit
rojira1@reddit
Wait!! But but but our Führer said the war is over!!!
BoWLeRDaV300@reddit
Curious to see if the threat of overseas cyber attacks could be a precursor for heavy US civilian restrictions on the internet as a whole.
Big_Fortune_4574@reddit
Article doesn’t exist and hasn’t since the moment you posted this. Honestly confused as to why anyone is commenting as if there’s an actual article being linked.
MrD3a7h@reddit
OP included the Google Chrome text highlighting feature at the end of the URL.
Here's a clean link that will probably work.
Big_Fortune_4574@reddit
Thank you that works 👍
reccenters@reddit
Article works for me.
Cracklin0atBran@reddit
There is a working article linked though….
Special_Library_766@reddit (OP)
Hmmm 🤔 works fine on this end. Maybe go to govtech dotcom and locate it yourself. It's under the category "Cybertech" and scroll down, down to the title of the article in the post. Dated April 8, 2026.
Doc891@reddit
for a second i thought they were being white hats and letting them know the vulnerabilities. I am so uninterested at this point because it's never stopped being a problem that i thought this had to be something new happening.
Special_Library_766@reddit (OP)
So you just need to know it exists, not when, how, where, why? Fair enough.
Doc891@reddit
i mean that's why i have a freeze on my credit and i watch them bills. You can't stop hacks from happening, you can't make the companies put your data in a steel vault, you can only deal with the potential aftermath of one and even then knowing the when, how, and why don't serve you unless you are with the company and have the ability to help defend against the hack in the future.
JudgmentUnited5297@reddit
The only thing I've added on top of that lately is putting my iPhone on lockdown mode. It doesn't affect my user experience as I'm already not using a lot of the features it affects. Being in an urban environment where sim farms have been found, that's about the only thing I'd deeply care about.
Special_Library_766@reddit (OP)
Sounds like you're all set there. Maybe get a WaterBob is all I'm thinking.
zod_less@reddit
Now is a good time to fight back against this IT/OT convergence nonsense 😅
JudgmentUnited5297@reddit
Oh no! Don't hit Zoom and Teams! Please Iran! We're begging 😂
Deletious@reddit
blowback
thekbob@reddit
Every single type of utility infrastructure is a vector for attack if they use any modern control systems.
There's certainly a lot of considerations made by the prime companies for OT security in a post-Stuxnet world, but nothing is perfect.
If a system relies on sensors, those could be made to feed bad data.
If a system relies on solid state controls versus electromechanical ones, those can be burnt out or disabled.
Access control could lock out people who need to service equipment.
And every single level is a vulnerability, from main stations and plants to end of the line monitoring devices. Old meters, sensors, or PLCs with no security or compromised security can be a back door into overall OT or IT systems for sabotage.
We have amazing infrastructure, but it's fragile and operates on mutual good faith. They're a lot more vulnerable than people think.
Girafferage@reddit
So far there have seemingly been minimal disruptions, but perhaps that's because of the ceasefire efforts.