Vendor platform hacks threaten infrastructure

Iran‑linked hackers gained persistent access to vendor‑provided internet interfaces for programmable logic controllers and manipulated project files at Rockwell Automation, causing operational disruption and financial loss across U.S. oil, gas, and water customers. The FBI, NSA, DOE and CISA jointly published the finding and urged stronger network defenders and multifactor authentication after the intrusions began in January of last year and ended in March. — Demonstrates that compromises of vendor platforms and industrial control‑system service layers can translate quickly into national‑security risks for energy and water systems, changing how policymakers and companies must prioritize supply‑chain and ICS defenses.