Officials Link Tank Readers Iran Suspicions to U.S. Gas Stations
Officials said tank readers iran-linked hackers may have breached multiple automatic tank gauge systems at U.S. gas stations on Friday. The devices were online but not password protected, and hackers were able in some cases to tamper with display readings.
The reported breaches have not caused physical damage or altered fuel levels so far. Officials said the exposure could let fuel leaks go completely undetected.
U.S. gas station gauge systems
Officials told that hackers linked to Iran may be responsible for a number of breaches of computer systems monitoring fuel at gas stations across the U.S. Those systems use automatic tank gauges, or ATGs, to track fuel levels at sites that sit inside a wider critical-infrastructure network.
Ben Edwards, a Bitsight principal research scientist, said ATGs are a prime example of critical technology used at gas stations, along with military bases, airports, and hospitals. He said, "What today's reported activity makes clear is that these systems are an active target, and the attack surface is larger than most people realize."
Bitsight trace and Iran
Bitsight TRACE found multiple critical vulnerabilities across different products from various manufacturers in September 2024. Bitsight said those vulnerabilities could be exploited to cause widespread damage including physical damage, environmental hazards, and economic losses, and said thousands of ATG systems remain directly accessible over the public internet.
Edwards added, "Bitsight's research has found that thousands of ATG systems remain directly accessible over the public internet, completely exposed to anyone who knows where to look — and we continue to find new systems coming online every day." He also said, "The consequences of exploitation go well beyond data theft," and warned that threat actors who gain access to these systems could overfill tanks and trigger environmental disasters, disable critical safety alarms, or override physical relays to cause permanent, irreversible damage to equipment.
Israel and cyber campaigns
Yossi Karadi, head of Israel’s cyber defense agency, the National Cyber Directorate, said Iran’s cyber activity during the war that began in late February has shown "a significant increase in the scale, speed, and integration between cyber operations and psychological campaigns." He also said, "...The bottom line is that Iranian actors are under pressure and are trying to strike wherever they find an opening in cyberspace."
A Sky News report in 2021 said the Islamic Revolutionary Guard Corps had singled out ATGs as potential targets for cyber-attacks on gas stations. Officials briefed on the matter told they suspected Iranian nationals were behind multiple breaches of the devices. Ben Edwards said, "This is a known, documented risk and it demands urgent attention from both asset owners and policymakers."
The next step is with the operators of those ATG systems and the policymakers Edwards named, after officials said the suspected intrusions involved unprotected devices that remained online.
