Friend
Professional
- Messages
- 2,670
- Reaction score
- 885
- Points
- 113
Experts have discovered 11 vulnerabilities in fuel management systems.
Researchers have discovered serious vulnerabilities in Automatic Tank Gauge (ATG) systems that can lead to fuel leaks, data disclosure and other dangerous consequences at critical facilities such as gas stations, airports and military bases. ATG systems monitor fuel levels to prevent tank overfills. However, the vulnerabilities identified allow attackers to gain full access to these systems.
Pedro Umbelino, a senior scientist at Bitsight, noted that ATGs are widely used in critical facilities, including hospitals and military bases, where backup power is required. Some vulnerabilities allow attackers to cut off fuel supply and even cause serious environmental consequences, such as fuel leaks that go undetected due to the shutdown of the warning system.
Despite previous warnings, thousands of ATGs are still connected to the internet, making them easy targets for cyberattacks. According to Umbelino, in conjunction with the U.S. Cybersecurity Agency (CISA) and vendors, 11 vulnerabilities were discovered in six different ATG systems. Some companies have already released updates, but there are also some that ignore the problem, putting people at risk.
Umbelino emphasizes that even after installing patches, devices must be disconnected from the public Internet. Most ATGs were not originally designed to work on the network, which led to such vulnerabilities. Physical disconnection from the Internet is the only reliable solution, the expert assures.
ATG vulnerabilities allow attackers not only to control processes at the facility, but also to cause serious disasters. For example, changing the maximum tank capacity parameter or disabling the alarm can lead to an uncontrolled fuel spill. Other scenarios include hardware damage, leakage of sensitive information, or system disruption.
ATG systems are often linked to other critical components, such as sirens and ventilation systems. Control over them opens up opportunities for large-scale attacks that can have catastrophic consequences.
The threat to critical infrastructure continues to grow, especially in the face of attacks by state hackers. In recent years, such cyberattacks on vital systems have become much more frequent, and ATG can also become a new target for attackers.
Despite the seriousness of the threat, there have been no mass incidents yet, the researchers note. However, it is important that companies not only patch vulnerabilities but also implement stricter security practices to minimize their occurrence in the future.
Source
Researchers have discovered serious vulnerabilities in Automatic Tank Gauge (ATG) systems that can lead to fuel leaks, data disclosure and other dangerous consequences at critical facilities such as gas stations, airports and military bases. ATG systems monitor fuel levels to prevent tank overfills. However, the vulnerabilities identified allow attackers to gain full access to these systems.
Pedro Umbelino, a senior scientist at Bitsight, noted that ATGs are widely used in critical facilities, including hospitals and military bases, where backup power is required. Some vulnerabilities allow attackers to cut off fuel supply and even cause serious environmental consequences, such as fuel leaks that go undetected due to the shutdown of the warning system.
Despite previous warnings, thousands of ATGs are still connected to the internet, making them easy targets for cyberattacks. According to Umbelino, in conjunction with the U.S. Cybersecurity Agency (CISA) and vendors, 11 vulnerabilities were discovered in six different ATG systems. Some companies have already released updates, but there are also some that ignore the problem, putting people at risk.
Umbelino emphasizes that even after installing patches, devices must be disconnected from the public Internet. Most ATGs were not originally designed to work on the network, which led to such vulnerabilities. Physical disconnection from the Internet is the only reliable solution, the expert assures.
ATG vulnerabilities allow attackers not only to control processes at the facility, but also to cause serious disasters. For example, changing the maximum tank capacity parameter or disabling the alarm can lead to an uncontrolled fuel spill. Other scenarios include hardware damage, leakage of sensitive information, or system disruption.
ATG systems are often linked to other critical components, such as sirens and ventilation systems. Control over them opens up opportunities for large-scale attacks that can have catastrophic consequences.
The threat to critical infrastructure continues to grow, especially in the face of attacks by state hackers. In recent years, such cyberattacks on vital systems have become much more frequent, and ATG can also become a new target for attackers.
Despite the seriousness of the threat, there have been no mass incidents yet, the researchers note. However, it is important that companies not only patch vulnerabilities but also implement stricter security practices to minimize their occurrence in the future.
Source
