Iran’s hackers are actively breaking into industrial control systems in the U.S., multiple federal agencies warned Tuesday, in an ongoing attempt to disrupt American infrastructure.Subscribe to read this story ad-free Get unlimited access to ad-free articles and exclusive content.Hackers are compromising internet-facing tools made by Rockwell Automation, a Milwaukee-based maker of industrial control systems, which has led to “disruptions across several U.S. critical infrastructure sectors,” the advisory says. It is unclear if any of the disruptions are significant.The hackers have targeted victims in government services, water and wastewater services and the energy sector, it says. The warning concerning domestic critical infrastructure threats is the first one of its kind released to the public since the U.S. war with Iran began.The advisory does not name which companies have been disrupted or how severe the effects of the hacks have been, but says they have resulted in “operational disruption and financial loss” for victims.It is jointly authored by the federal Cybersecurity and Infrastructure Security Agency, FBI, NSA, Department of Energy, and U.S. Cyber Command. The agencies recommend taking vulnerable internet-connected controllers offline.It identifies the hackers as “Iran-affiliated advanced persistent threat (APT) actors.” APTs are a cybersecurity industry term used to refer to sophisticated or dogged hacker groups, and they usually represent a unit working for a country’s military or intelligence services.The hackers have been breaking into Rockwell’s Studio 5000 Logix Designer, a customizable program to control industrial systems, the advisory said. Rockwell did not immediately respond to a request for comment.The alert comes in the wake of President Donald Trump threatening Tuesday morning that “a whole civilization will die tonight” if Iran does not agree to a deal that would reopen the Strait of Hormuz. Officials told Jattvibe News that the Pentagon has given Trump a list of infrastructure targets used by both Iran’s military and civilian populace — potentially to avoid strikes being designated war crimes — if he chooses to order an attack.Since the war started in February, Iran has only publicly claimed evidence for one significant cyberattack against a U.S. company, an attack on a Michigan medical tech company called Stryker.The U.S. previously accused hackers working for the Islamic Revolutionary Guard Corps of targeting similar systems to attack American water and wastewater systems in late 2023. The hackers, using the pseudonym “CyberAv3ngers,” broke into at least 75 devices, the advisory said, though there were no public reports of them causing significant damage to American water or wastewater operations.