Iranian Cyberattack Breaches U.S. Local Government via Fax Server — Part of Broader Critical Infrastructure Campaign

Summary

An analysis published today by the Foundation for Defense of Democracies (FDD) details how an Iranian cyberattack compromised St. Joseph’s County, Indiana through the breach of a fax server. The attack is part of a broader pattern of Iranian-linked groups targeting critical U.S. infrastructure, increasingly leveraging AI in their methodologies.

The incident underscores a growing concern: local governments often lack the cybersecurity resources and expertise of federal agencies, making them attractive targets for state-sponsored actors. Fax servers, still widely deployed in government offices, represent a frequently overlooked attack surface with legacy protocols and minimal security monitoring.

This comes on the heels of FBI and CISA warnings last week about Iran-linked hackers targeting water, energy, and other critical infrastructure across the United States, as geopolitical tensions continue to drive retaliatory cyber operations.

Source

Foundation for Defense of Democracies — How an Iranian Cyberattack Hit US Local Governments

Commentary

A fax server. In 2026, a nation-state actor breached a U.S. county government through a fax server. If that doesn’t perfectly encapsulate the state of local government IT security, nothing does. Local governments are running infrastructure from three decades ago with budgets that can barely cover patching, let alone threat detection.

The broader pattern is clear: Iranian cyber operations are targeting the softest parts of U.S. infrastructure — not the Pentagon, but the county offices, water treatment plants, and small-town networks that keep society running. These organizations need federal support, funding, and standardized security baselines, because right now they’re essentially defending against APTs with consumer-grade tools.