CISA-documented IRGC-affiliated threat actors are conducting sustained operations against U.S. and Israeli critical infrastructure, with confirmed targeting of PLCs across healthcare, energy, water, and government sectors. This campaign is characterized by low-to-medium-intensity harassment designed to exhaust defender capacity rather than achieve single high-impact events, making it a resource and resilience concern as much as a technical one. Priority defensive actions include isolating internet-facing OT assets per CISA AA23-335A, eliminating default credentials on ICS/SCADA devices, and engaging your sector ISAC for current shared threat intelligence.