Iran-Backed Hackers Target U.S. Water, Energy, and Tourism Sectors in Growing Cyber War

Iranian hackers are ramping up their cyberattacks against U.S. targets, focusing on what experts call “low-hanging fruit” in critical infrastructure sectors such as water, energy, and tourism. The Handala Hack Team, a pro-Palestinian group linked to Iran, recently breached FBI Director Kash Patel’s personal email, releasing hundreds of private messages and documents. This attack is part of a broader Iranian strategy to disrupt and destabilize U.S. operations and sow fear among the population.

In March, the medical technology giant Stryker was hit by a cyberattack attributed to the same group, halting operations for weeks and causing significant financial losses. This incident underscores the vulnerability of private companies that operate much of the nation’s critical infrastructure.

A joint advisory from the FBI, NSA, Cybersecurity and Infrastructure Security Agency, and Department of Energy warns that Iran-backed hackers are actively targeting water and power plants. While the agencies did not name specific targets, they confirmed these attacks have already caused operational disruptions and financial damage.

Cybersecurity experts highlight that these attacks are not technically sophisticated but exploit basic security weaknesses like open network ports. Robert Olsen, COO of Hilco Global Cyber Advisors, explained that hackers only need to succeed once, while organizations must maintain near-perfect security to defend themselves. The increasing ease of launching cyberattacks, fueled by AI advancements, further amplifies the threat.

Beyond cyber intrusions, Iran is also engaging in information warfare, using fake social media videos to project power amid military setbacks. U.S. military officials report significant destruction of Iran’s air defense systems, but cyberattacks remain a key tool for Tehran to inflict “collateral damage” and pressure countries involved in regional conflicts.

Nikita Shah, a senior fellow at the Center for Strategic and International Studies, emphasized that Iran’s goal is to create friction and costs that might push governments to reconsider their roles in ongoing wars. Disrupting everyday services like water and electricity hits civilians directly, making these attacks a form of psychological and economic warfare.

As Iran continues to leverage cyberattacks alongside traditional military tactics, the risk to U.S. critical infrastructure and the public grows. Private sector vigilance and government coordination are crucial to counter these persistent threats that blur the lines between warfare and terrorism.