Several people in Iran have been charged formally with hacking attacks on US banks and a dorm north of New York City, according to many news sources, such as NBC.
The attacks on the banks were regular Denial of Service attacks, with cruder techniques common since about 2001.
The hackers also broke into a control system for a dam north of New York City, which fortunately was not connected at the time. It is not clear how they were able to get in, if the controls were not accessible through the normal Internet. (Computers not normally addressable online still have IP addresses.)
All of this follows the concerns raised in Ted Koppel’s book “Lights Out”, reviewed in the books blog, Nov. 10, 2015. Bloomberg has an article on a Russian attack on the Ukraine power grid, which gives some perspective on the relative risk in the US,