Exposed Gas Station Tank Gauge Systems Pose Security Risk
According to a recent joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the NSA, and other U.S. government partners, over 900 automatic tank gauge (ATG) systems in the United States are exposed online and vulnerable to ongoing attacks. These systems are used to monitor fuel and chemical storage tanks across various critical infrastructure sectors.
ATG systems are electronic monitoring devices that remotely track fuel, chemicals, or other liquids in storage tanks, automating inventory control, environmental leak detection, and regulatory compliance. They are commonly used at gas stations to monitor fuel tank levels and can also be found in industrial settings to track chemical storage tanks.
Security Flaws and Vulnerabilities
The federal agencies warned that threat actors target ATG systems and alter their settings in command execution attacks after exploiting various security flaws, including hardcoded credentials, authentication bypasses, SQL injection vulnerabilities, OS command execution flaws, and privilege escalation weaknesses.
Following successful compromises, attackers could disable system alerts, increasing the risk of leaks or equipment failures and even causing permanent damage to the targeted tank systems. As CISA cautioned, the recent malicious cyber activity observed by the authoring organizations involves cyber threat actors compromising internet-exposed ATG systems and subsequently modifying them through command execution.
Exposure and Vulnerability
Internet security watchdog Shadowserver warned that over 1,000 ATG systems were exposed online, with the vast majority (909 devices) in the United States. This count was taken after weeding out the vast majority of honeypots, including ports 8001/9001.
Critical infrastructure organizations are advised to restrict remote access to ATG systems from the Internet as soon as possible and implement controlled access through firewalls, VPNs, or access control lists. They should also replace default passwords on vulnerable devices with strong credentials, apply security updates, monitor systems for unauthorized changes, and implement multi-factor authentication where possible.
Previous Incidents and Attacks
CISA's warning comes after a May CNN report that Iranian hackers had breached ATG systems connected to the Internet at multiple gas stations across the United States. Iranian hacking groups were linked to these incidents based on their previous history of targeting fuel management systems and other industrial control technologies.
After hacking the devices with weak or nonexistent passwords, the attackers reportedly manipulated the display readings but did not alter the actual fuel levels. Although these incidents didn't cause any physical damage, they raise concerns that such attacks could hinder automated fuel leak detection and similar safety-related functions.
Recommendations and Mitigations
To mitigate these risks, critical infrastructure organizations should take immediate action to secure their ATG systems. This includes implementing robust security measures, such as restricting remote access, using strong passwords, and monitoring systems for unauthorized changes.
Additionally, organizations should consider implementing breach and attack simulation tests to identify vulnerabilities and weaknesses in their systems. This can help prevent successful attacks and minimize the risk of security breaches.
- Restrict remote access to ATG systems from the Internet
- Implement controlled access through firewalls, VPNs, or access control lists
- Replace default passwords on vulnerable devices with strong credentials
- Apply security updates
- Monitor systems for unauthorized changes
- Implement multi-factor authentication where possible
Source: BleepingComputer