The US government has issued an advisory warning that Iran-linked hackers are actively targeting critical infrastructure by compromising industrial control systems, specifically Rockwell Automation programmable logic controllers, though devices from other vendors including Siemens are also at risk. The attackers are using legitimate programming software to manipulate water and energy facilities, causing operational disruptions by altering human-machine interface displays to show false data while actual system values differ dangerously. Security experts are urging organizations to immediately remove these devices from internet exposure and implement zero-trust architectures, noting that thousands of vulnerable systems remain publicly accessible despite the clear threat.