New Delhi, March 9 (AHN) Cybersecurity researchers have reported a sharp rise in cyber threats targeting US critical infrastructure following the February 28 strikes on Iran, with more than 60 Iranian-aligned hacktivist groups launching coordinated activity online within hours of the attacks, a report said on Monday.

New research by cybersecurity firm CloudSEK said the groups formed an “Electronic Operations Room” on Telegram to coordinate cyber activity and share targets.

Researchers noted that the mobilisation appeared to be driven more by ideological motivations than direct central state control, making the attacks harder to predict or limit.

The report highlights growing concerns about the vulnerability of US critical infrastructure systems connected to the internet.

According to the findings, more than 40,000 industrial control systems (ICS) in the United States are currently accessible through the public internet, many of them protected by weak, default or even no login credentials.

Industrial control systems are used to operate critical infrastructure such as power grids, water supply networks and manufacturing facilities.

Because many of these systems remain exposed online, they present a large potential attack surface for cyber actors.

CloudSEK researchers said the emergence of artificial intelligence tools has significantly lowered the barrier for launching such attacks.

In a demonstration conducted by the firm, a person with no prior knowledge of industrial control systems was able to identify a list of accessible US industrial targets in less than five minutes using AI tools and passive reconnaissance techniques.

The researchers explained that the process required no direct scanning of systems, no exploitation tools and no specialist technical knowledge -- highlighting how AI is now acting as a force multiplier for cyber threat actors.

The company also warned about the “dual-use” nature of AI technologies. Many of the same AI platforms now used by defence and security organisations are widely available online, allowing attackers to use them for offensive reconnaissance and target discovery.

In a second report analysing the broader threat landscape, CloudSEK said the February 28 strikes did not create the cyber threat facing US infrastructure but significantly accelerated an existing one that has been developing for over a decade.