Critical Infrastructure Cyber

State of play.

• Iranian cyber operations have shifted from episodic to sustained campaigns against U.S. operational technology. CISA, FBI, NSA, DOE, EPA, and U.S. Cyber Command issued a joint advisory identifying IRGC-affiliated CyberAv3ngers as actively exploiting internet-facing Rockwell Automation and Allen-Bradley PLCs across water, wastewater, energy, and government sectors — with documented operational outages and financial losses .
• AI has crossed a capability threshold that outpaces traditional vulnerability management. Anthropic's Claude Mythos Preview autonomously discovered thousands of high-severity zero-day flaws — including bugs dormant for 27 years — before Anthropic declined to release it publicly; Project Glasswing now channels those capabilities defensively through a coalition of over 50 major technology firms .
• CIRCIA's mandatory reporting framework is approaching finalization. CISA is expected to finalize rules requiring 72-hour incident reporting and 24-hour ransomware payment reporting across all 16 critical infrastructure sectors, with the compliance window narrowing for entities that have not yet mapped their exposure (→ Clark Hill Warns CRE Owners of Impending CIRCIA Cyber Reporting Rules).
• State-sponsored malware is defeating standard patch-and-reboot remediation. The Firestarter backdoor — attributed to UAT-4356, a state-sponsored actor — persists across firmware patches, software upgrades, and reboots on Cisco Firepower devices at a federal civilian agency, requiring hard power-off and full reimaging .
• For counsel advising critical infrastructure operators, energy utilities, healthcare systems, or government contractors, the practical baseline is simultaneous exposure on four fronts: active Iranian OT targeting, AI-accelerated vulnerability discovery outpacing patch cycles, imminent CIRCIA reporting obligations, and firmware-level persistence that renders standard remediation insufficient.

Where things stand.

• Iranian OT targeting is a sustained, multi-sector campaign. CyberAv3ngers — an IRGC Cyber Electronic Command affiliate — has compromised at least 75 core automation devices and is actively manipulating PLC configurations, SCADA displays, and sensor data across water, energy, and government infrastructure; the campaign escalated following U.S.-Israeli military action against Iran .
• FERC Order No. 919 resets grid cybersecurity compliance for all BES entities. The order, effective May 26, 2026, updates eleven CIP Reliability Standards to permit secure virtualization under "per system capability" language, introduces four new defined terms, and requires mandatory compliance by April 1, 2028 — with gap assessments urgent given the 24-month window .
• The FCC has added all foreign-produced consumer routers to its Covered List. New models are barred from equipment authorization; existing authorized models may be sold through at least March 1, 2027 under a blanket waiver, with DoD/DHS exemption authority for conditional approvals — grounded in Volt Typhoon, Flax Typhoon, and Salt Typhoon intrusions .
• CIRCIA finalization is the near-term compliance trigger for 16 sectors. The 72-hour substantial-incident and 24-hour ransomware-payment reporting obligations will apply broadly, with commercial real estate now flagged as a potentially covered sector given its BEC and transaction-attack exposure (→ Clark Hill Warns CRE Owners of Impending CIRCIA Cyber Reporting Rules).
• AI vulnerability discovery has outpaced organizational patching capacity. CrowdStrike has documented an 89 percent year-over-year increase in AI-driven attacks; Mythos Preview's controlled-access model through Project Glasswing — backed by $100 million in Anthropic usage credits — is the current industry response, but disclosure and liability frameworks for AI-discovered vulnerabilities remain unsettled .
• Ransomware against local government and water infrastructure is producing state-level emergency responses. Minnesota's governor deployed the National Guard for a ransomware attack on Winona County — the county's second incident in four months; North Dakota's Minot water treatment plant SCADA system was disabled by ransomware, forcing 16 hours of manual operations .
• Healthcare infrastructure faces geopolitically motivated attacks with direct earnings and litigation consequences. The Iran-linked Handala group's March 2026 attack on Stryker disrupted operations across 61 countries, produced a measurable Q1 earnings miss, and generated at least six employee data-theft lawsuits .
• The Trump administration's national cyber strategy and pharma-sector data controls are reshaping sector-specific compliance baselines .
• Infrastructure engineer shortages have become a supply chain sovereignty issue, with NIW petitions under EB-2 emerging as a workforce retention tool for energy, grid modernization, and semiconductor clients .

Latest developments.

• Firestarter backdoor confirmed persisting on Cisco Firepower devices at a federal civilian agency post-patch; CISA updated Emergency Directive 25-03 requiring hard power-off, full wipe, and reimaging — YARA detection rules released jointly with UK NCSC .
• FAA proposed rule published May 6, 2026, creating a two-tier petition process for critical infrastructure operators to restrict drone flights over facilities across all 16 eligible sectors; comment period closes July 6, 2026 .
• Five-agency CISA advisory on Iranian PLC targeting issued April 7, 2026, with technical indicators of compromise for Rockwell Automation and Allen-Bradley systems; CyberAv3ngers attributed as IRGC affiliate .
• Project Glasswing launched with 50-plus member coalition; Mythos Preview has discovered thousands of high-severity vulnerabilities across major operating systems and browsers, including a 27-year-old OpenBSD flaw .
• Australia's Home Affairs Ministry is collaborating with Anthropic to remediate vulnerabilities identified by Mythos after Anthropic declined to release the model publicly .
• Stryker Q1 2026 earnings missed analyst expectations due to a March 11 Iran-linked Handala attack that disrupted operations across 61 countries; at least six employee data-theft lawsuits filed .
• CIRCIA finalization flagged as imminent by Clark Hill; 72-hour and 24-hour reporting obligations expected to apply across 16 sectors including potentially commercial real estate (→ Clark Hill Warns CRE Owners of Impending CIRCIA Cyber Reporting Rules).
• Winona County, Minnesota suffered its second ransomware attack in four months; Governor Walz deployed the National Guard under Executive Order 26-06 .
• Minot, North Dakota water treatment plant SCADA disabled by ransomware for 16 hours; FBI notified, attacker unidentified .
• FERC Order No. 919 approved eleven updated CIP Reliability Standards for grid virtualization; mandatory compliance deadline April 1, 2028 .
• FCC added all foreign-produced consumer routers to its Covered List on March 23, 2026; existing authorized models covered by waiver through March 1, 2027 .
• U.S.-Iran military conflict is driving Gulf energy market disruption and heightened Iranian cyber threat posture simultaneously .

Active questions and open splits.

• Whether patching satisfies the duty of care when firmware-level persistence defeats it. Firestarter's survival across patches and reboots raises the question of whether organizations that patched CVE-2025-20333 and CVE-2025-20362 but did not reimage are legally exposed — and what the standard of care requires for network device remediation going forward .
• CIRCIA "covered entity" scope for non-traditional sectors. The statute's 16-sector framework may capture commercial real estate, healthcare device manufacturers, and other entities not historically treated as critical infrastructure — the final rule's definitional choices will determine who faces 72-hour and 24-hour reporting obligations (→ Clark Hill Warns CRE Owners of Impending CIRCIA Cyber Reporting Rules).
• Liability allocation when AI-discovered vulnerabilities go unpatched. Project Glasswing and Mythos Preview are identifying flaws faster than organizations can remediate them; no regulatory framework yet governs disclosure timelines, vendor notification obligations, or liability for organizations that receive notice of AI-discovered vulnerabilities and fail to act .
• Geopolitically motivated attacks and the healthcare liability standard. The Stryker litigation — six employee suits over data theft from an Iran-linked attack — will test whether the standard of care for healthcare infrastructure operators accounts for nation-state threat actors, and how courts allocate liability between the operator and the geopolitical actor .
• FCC router ban scope and exemption mechanics. The Covered List addition leaves unresolved whether mesh systems, ISP-provided gateways, and hybrid-component devices are covered; DoD/DHS exemption authority is untested; and the March 2027 waiver expiration creates a hard deadline for supply chain restructuring .
• FERC Order 919 "per system capability" compliance interpretation. The shift from "technical feasibility" exceptions to "per system capability" language gives BES entities more flexibility but less certainty — gap assessments must be completed before NERC issues interpretive guidance, and the 24-month window is tight for complex virtualized environments .
• National Guard deployment as a ransomware response model and its municipal liability implications. Minnesota's twice-in-four-months National Guard mobilization for a single county raises questions about the threshold for state emergency declarations, cost allocation between state and municipality, and whether repeated successful attacks establish municipal negligence .

What to watch.

• CISA CIRCIA final rule publication — the definitional scope of "covered entity" and "substantial cyber incident" will determine which clients face immediate compliance obligations and what penalty structures apply.
• FAA drone restriction rule finalization after the July 6, 2026 comment period closes — particularly how the two-tier UAFR framework interacts with existing airspace waivers and what enforcement teeth Remote ID provides.
• FERC and NERC interpretive guidance on Order 919 "per system capability" language — the first enforcement actions or compliance filings will reveal how broadly the exception shift is being read.
• Escalation trajectory of Iranian cyber operations against OT infrastructure as U.S.-Iran military conflict continues — any confirmed disruption of water treatment or power generation at scale would trigger immediate regulatory and litigation consequences.
• Stryker employee litigation outcomes — early motions or settlement terms will signal how courts are treating geopolitically motivated healthcare infrastructure attacks for purposes of employer data-security liability.
• Whether additional governments follow Australia in establishing formal government-AI developer protocols for responsible disclosure of AI-discovered vulnerabilities — and whether those protocols create new notification obligations for U.S. operators.