Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Malware could drain your fuel tank as well as your bank account

Ongoing cyber-attacks on automated tank gauges (ATGs) could result in fuel tanks being drained without businesses noticing, the US Cybersecurity & Infrastructure Security Agency has warned. Connected ATGs are widely deployed in gas stations, as well as on military bases, in hospitals, and in manufacturing plants. And it’s not just fuel stores at risk: ATGs are also used in the chemical, food, and agriculture industries.

CISA and other agencies warned that such attacks could lead to the gauges being dangerously compromised, leaving tank owners unaware of leaks or theft of their contents.

The attacks take three forms: authentication bypass and hardcoded credentials, which allow attackers to gain access to device management; OS command execution and SQL injection to manipulate underlying databases; and privilege escalation, in which attackers obtain full administrator access.

System administrators working for organizations using ATGs are advised to protect their systems by removing connections to serial ports to eliminate public internet exposure by, changing default passwords immediately, applying the latest patches, reporting any suspicious activity to the CISA, and urging companies in their supply chain to also adopt best practises against such attacks.

CISOs in these companies should already be doing this as they can’t say that they were unaware of the risks: Last year, a Canadian fuel company was attacked and its systems compromised and in 2024, security company BitSight warned that ATGs were a sitting target for cyber criminals.

View the full article

User Feedback

Recommended Comments

There are no comments to display.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Add a comment...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.