Iranian state-sponsored hackers are compromising US critical infrastructure sites, prompting a joint warning from six government agencies, including the FBI and NSA. The attackers are targeting programmable logic controllers, which are crucial for managing industrial operations. This disruption is likely a retaliatory measure against the US, signaling a shift from traditional cybercrime to state-aligned activity with geopolitical motivations. The warning emphasizes the urgent need for vigilance, as these attacks can have severe consequences for national security and public safety. The involvement of government agencies like the FBI and NSA indicates a heightened level of concern, as the threat model has evolved from a criminal to a geopolitical one. This change in threat model requires a different approach to mitigation and response, making it essential for practitioners to reassess their security strategies to counter these sophisticated and targeted attacks.