Iranian Hackers and the Threat to US Critical Infrastructure

In this episode of Exploited: The Cyber Truth, RunSafe Security CEO Joe Saunders joins host Paul Ducklin to confront a troubling reality: Iranian and pro-Iranian threat actors are targeting critical infrastructure in the United States. From small-town water utilities to nationwide energy providers, the systems we rely on every day are increasingly vulnerable.

Joe explains how groups like CyberAv3ngers—linked to the IRGC—are exploiting weak security in industrial control systems (ICS) and operational technology (OT). Their tactics aren’t always sophisticated, but they are effective: default passwords, outdated software, and internet-exposed devices are all they need to lock operators out and take control.

This urgent conversation explores:

• What we know about recent cyber campaigns targeting PLCs and HMIs
• How poorly secured infrastructure becomes a launchpad for nation-state actors
• What disruptions mean for national security and public health
• What municipalities, vendors, and regulators can do today to improve defenses

Whether you’re a system operator, vendor, or policymaker, this episode will leave you with a clearer picture of the risks—and what’s at stake.