Hackers and cybercriminals have set their sights on automatic tank gauge (ATG) systems. When compromised, this could lead to mayhem and societal disruption. ATG owners and operators are urged to harden the defenses of these systems.
ATG systems are widely used in the United States for automated, remote monitoring of storage tank parameters, including fuel and liquid levels, temperature, and potential leak detection.
Among other branches, the systems can be found in the energy, chemical, transportation, and food and agricultural sectors.
When devices are connected to ATG systems and are accessible from the internet, attackers can do all sorts of mischievous and even malicious activities, including viewing the fuel levels, changing values and controls, disabling system alerts, and modifying critical monitoring parameters, potentially permanently damaging ATG systems and disrupting the economy and society in the process.
According to an industry alert issued by the Internet Crime Complaint Center (IC3), malicious cyber activities have been observed, involving threat actors who have tried to compromise internet-connected ATG systems by modifying them through command execution.
Exploitation of ATG systems may happen through multiple attack vectors, such as bypassing authentication and hardcoded credentials, OS command execution, SQL injection attacks, and privilege escalation.
To minimize the impact of these threats, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), the Department of Energy (DOE), the Environmental Protection Agency (EPA), the Transportation Security Administration (TSA), the Department of Transportation (DOT), and the US Department of Agriculture (USDA) are calling on ATG owners and operators to take precautionary measures.
Check if your data has been leaked
For starters, ATG systems shouldn’t be exposed to the internet. However, if remote access is essential, companies should use a firewall, an access control list (ACL), or a VPN to restrict access.
In addition, default passwords should be changed immediately and replaced with strong, unique security codes, and, if possible, implemented with phishing-resistant multifactor authentication (MFA).
Lastly, patches for ATG systems must be installed immediately, and organizations should actively monitor network activity for any unauthorized access.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked