WASHINGTON DC – Federal cybersecurity agencies are warning that Iranian-linked hackers are actively targeting U.S. critical infrastructure—but in Michigan, the implications go beyond abstract cyber threats.

The warning, issued jointly by federal agencies including the FBI, NSA and Department of Energy, highlights ongoing efforts to probe vulnerabilities in energy systems, water facilities and other industrial operations. Officials say some of the activity has already resulted in operational disruptions and financial losses.

For a state like Michigan—home to major utilities, thousands of manufacturers, and aging infrastructure systems—the risks are not theoretical.

They are immediate.

Electric Grid Emerges as Primary Concern

The most pressing concern centers on the electric grid, where interconnected systems mean a disruption in one area can quickly cascade across regions.

Utilities such as Consumers Energy and DTE Energy rely on complex industrial control systems to manage generation, transmission and distribution. These systems—often referred to as SCADA (Supervisory Control and Data Acquisition)—are essential to keeping power flowing.

But they also present a potential entry point.

Federal officials warn that attackers are increasingly scanning for internet-exposed control devices, particularly those with weak security protections or outdated configurations. Once inside, attackers could disrupt operations, shut down systems, or manipulate controls.

Unlike traditional data breaches, the consequences here are physical.

A successful attack could mean prolonged power outages, halted manufacturing lines, and disruptions to hospitals and public services.

Aging Infrastructure Adds Another Layer of Risk

While much of the focus is on the electric grid, Michigan’s broader infrastructure—including water systems and dams—adds another dimension to the conversation.

Many of these facilities were built decades ago, long before cybersecurity was a consideration. Although upgrades have been made over time, legacy systems can present unique challenges when it comes to modern digital threats.

The issue comes as Consumers Energy is seeking to sell 13 aging hydroelectric dams across the state—some dating back more than a century—raising broader questions about long-term maintenance, oversight, and infrastructure resilience.

See: Who’s Responsible If A Dam Fails? Michigan Regulators Reject Consumers Plan To Sell 13 Dams For $1 Each

The conversation around dam safety has remained front of mind in Michigan since the Edenville Dam failure, which caused widespread flooding and forced thousands of residents to evacuate.

While there is no indication that dams are a primary cyber target, experts note that water control systems increasingly rely on digital technologies—making infrastructure resilience, both physical and cyber, an ongoing concern.

Manufacturing Sector Also Exposed

Michigan’s manufacturing base—particularly in automotive and industrial sectors—faces similar risks.

Many factories rely on the same types of industrial control systems highlighted in the federal warning. In some cases, especially among small and mid-sized suppliers, those systems may be connected to broader networks without robust cybersecurity protections.

That creates potential openings.

For an auto supplier, a disruption doesn’t just mean lost data—it can shut down production, delay shipments, and ripple across supply chains.

In a state where manufacturing remains a cornerstone of the economy, that risk is significant.

Not Just Foreign Threats

While federal agencies attribute the recent activity to Iranian-linked groups, cybersecurity experts caution that many of the vulnerabilities being targeted are not new.

In fact, they have been documented for years.

Weak passwords, outdated software, and internet-exposed control panels continue to be common across U.S. infrastructure systems. In many cases, attackers are exploiting basic security gaps rather than deploying highly sophisticated techniques.

That raises an uncomfortable reality: the threat is not just external—it is structural.

Why This Matters Now

The timing of the warning is tied to escalating geopolitical tensions, with cyber activity increasingly used as a tool of indirect conflict.

But for businesses and infrastructure operators in Michigan, the takeaway is more practical than political.

The systems that power factories, move water, and keep lights on are becoming more connected—and in some cases, more exposed.

And while large utilities have invested heavily in cybersecurity, smaller operators and legacy systems may not have the same level of protection.

What Comes Next

Federal agencies are urging organizations to take immediate steps:

  • Disconnect critical control systems from the public internet
  • Update and patch outdated software
  • Strengthen authentication and access controls
  • Monitor networks for unusual activity

For Michigan, the warning serves as a reminder that infrastructure risk is evolving.

It’s no longer just about aging equipment or deferred maintenance.

It’s about how physical systems and digital vulnerabilities intersect.

Because in today’s environment, a cyberattack isn’t just about data.

It’s about turning off the lights, shutting down production—or in worst-case scenarios—triggering real-world consequences that extend far beyond the screen.