Hackers Could Exploit ATG Flaws to Cause Environmental and Economic Havoc

Critical vulnerabilities in Automatic Tank Gauges (ATGs) used widely across various critical infrastructures, including fuel storage at gas stations, airports, military bases, hospitals, and power plants are highlighted by reseachers from Bitsight. Bitsight has uncovered security gaps that potentially allow attackers to manipulate tank operations and even cause physical damage. According to Bitsight, "Our research shows that attackers can easily change critical parameters that may result in fuel leaks, such as tank geometry and capacity. It is also possible to disable alarms and the respective actions that are triggered by them, both manual and automatic ones (such as ones activated by relays)," highlighting the gravity and potential consequences of these vulnerabilities.

Exploring the depth of the problem, Bitsight's investigation has identified multiple 0-day vulnerabilities across various ATG systems, with some allowing unauthorized users to gain full administrative privileges or execute commands that can disrupt operations. The impacted products, include systems like Maglink LX and LX4, OPW SiteSentinel, and others, all found to have weaknesses ranging from hardcoded credentials to SQL injection vulnerabilities. These security flaws present not only immediate risks of data theft and unauthorized control over the fuel dispensing but also pose long-term risks of environmental hazards and significant economic impacts.

The vulnerabilities can be exploited in real-world scenarios to cause a denial of service (DoS), permanently damage the ATG systems, or manipulate the fuel distribution operations maliciously. For instance, attackers could theoretically use the compromised systems to overfill tanks, causing spills, or alter fuel monitoring data to facilitate theft. This level of control could lead to catastrophic results if the relays connected to these systems are manipulated to operate beyond their physical limits, potentially leading to irreversible damage to both the software and hardware components of the ATGs.

In response to these alarming findings, CISA has issued advisories urging users and administrators of affected ATG systems to apply necessary patches and follow recommended mitigation strategies. Despite these advisories, not all vendors have responded with patches, leaving many systems potentially exposed. Bitsight and other cybersecurity entities emphasize the importance of securing these systems against such vulnerabilities by removing ATGs from public internet access, implementing robust firewall protections, and continuously monitoring and auditing ATG systems for any unauthorized changes or anomalous behaviors. This collective effort is crucial in safeguarding critical infrastructure from both physical and cyber threats.