The Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) to warn that certain advanced persistent threat (APT) actors have exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices, including: • Schneider Electric programmable logic controllers (PLCs), • OMRON Sysmac NEX PLCs, and • Open Platform Communications Unified Architecture (OPC UA) servers.