Security Risks in Fuel Storage Systems – Part 2

Recent cybersecurity research has uncovered alarming vulnerabilities in Automatic Tank Gauge (ATG) systems, which are widely used in fuel storage facilities such as gas stations, airports, and utility companies. These systems play a crucial role in monitoring and managing fuel levels, leak detection, and inventory. The vulnerabilities, if exploited, could result in serious environmental, operational, and financial repercussions.

Key Findings:

1. Wide-Ranging Vulnerabilities

Researchers have identified ten significant flaws in ATG systems manufactured by major vendors, including Dover Fueling Solutions (DFS), OPW Fuel Management Systems, Franklin Fueling Systems, and OMNTEC. Seven of these vulnerabilities are classified as critical, enabling attackers to gain administrative control over these systems. (The Register)

2. Potential Consequences

Exploiting these vulnerabilities could allow hackers to:

• Manipulate fuel levels, leading to incorrect inventory management.

• Disable essential safety features like leak detection systems.

• Cause tank overflows or shutdowns, creating hazardous environmental conditions.

• Execute ransomware attacks targeting infrastructure.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories warning of the risks associated with these vulnerabilities. (CISA.gov)

3. Global Exposure

Tens of thousands of ATG systems remain vulnerable, with a significant portion located in the United States. The extensive use of older or unsupported devices exacerbates the risk. Many facilities have yet to implement the patches and upgrades necessary to mitigate these issues. (CyberScoop)

Understanding the Threat

Automatic Tank Gauges are essential for managing fuel storage, providing real-time data on tank levels, temperature, and leak detection. Their integration with networked environments makes them vulnerable to cyberattacks, particularly in cases where systems are connected to the internet without proper security measures.

Hackers can exploit these vulnerabilities to manipulate critical settings, shut down operations, or even create dangerous conditions that impact surrounding areas. These risks highlight the urgency of improving the security of these systems.

Enhancing Security with PASS Connect’s Cellular Option

To address these vulnerabilities, implementing secure communication channels is crucial. PASS Connect offers a dedicated cellular connection for ATG systems, providing several security advantages:

• Isolated Network Access: By utilizing a cellular connection, ATG systems are isolated from public internet networks, reducing exposure to potential cyber threats.

• Dedicated Communication Line: A dedicated cellular connection ensures that data transmission between the ATG system and monitoring centers is secure and less susceptible to interception or tampering.

• Continuous Monitoring: PASS Connect’s cellular option facilitates real-time monitoring and alerts, enabling prompt responses to any suspicious activities or anomalies detected within the system.

Recommendations for Facility Operators

Fuel storage facility operators must take immediate action to address these vulnerabilities and protect their systems from potential cyber threats. Below are key steps recommended by experts and regulatory bodies:

1. Conduct a Security Assessment

• Inventory all ATG systems to identify vulnerable models.

• Assess current security configurations and identify gaps.

2. Apply Patches and Updates

• Work with vendors to ensure the latest software patches are applied.

• Upgrade older or unsupported systems to newer, more secure versions.

3. Implement Secure Communication Channels

• Utilize dedicated cellular connections, such as PASS Connect, to isolate ATG systems from public networks.

• Ensure that all data transmissions are encrypted and secure.

4. Enable Monitoring and Alerts

• Deploy intrusion detection systems (IDS) to monitor for unauthorized access.

• Configure alerts for unusual activities, such as unexpected configuration changes.

5. Implement Cybersecurity Training

• Train employees on identifying potential cyber threats and best practices for system security.

• Establish protocols for reporting suspicious activities.

6. Collaborate with Cybersecurity Experts

• Engage with cybersecurity firms to conduct vulnerability scans and penetration tests.

• Partner with organizations like CISA for guidance and resources.

The Cost of Inaction

A successful cyberattack on fuel storage facilities can result in severe consequences, including:

• Operational Downtime: Interruptions in fuel delivery and retail operations.

• Environmental Damage: Fuel spills or overflows can lead to contamination and fines.

• Financial Losses: Businesses could face costly repairs, lawsuits, and reputation damage.

• Regulatory Penalties: Non-compliance with cybersecurity standards may lead to legal and financial repercussions.

Looking Ahead

The vulnerabilities in ATG systems serve as a stark reminder of the importance of securing critical infrastructure. As the reliance on digital systems grows, so does the need for robust cybersecurity measures. Facility operators must prioritize proactive strategies to safeguard their operations against evolving threats.

Explore Secure Solutions with PASS Connect

PASS Connect provides a reliable cellular communication option to isolate ATG systems from public networks, reducing cyber risks and enhancing operational security. With features like continuous monitoring, dedicated communication channels, and real-time alerts, PASS Connect is an essential tool for fuel storage facility operators.

Take action today to protect your facilities. For more information about how PASS Connect can enhance your system’s security, contact us now or visit our website.