CISA, the FBI, the NSA, the Department of Energy, and other U.S. partners warned that attackers are targeting internet-exposed automatic tank gauge (ATG) systems used across critical infrastructure to monitor fuel and liquid storage tanks. The advisory says intruders can exploit weak authentication and software flaws to change settings, disable alerts, and increase the risk of leaks or equipment failures. #CISA #FBI #NSA #DepartmentofEnergy #ATG
Keypoints
- Hackers are targeting internet-exposed ATG systems in critical infrastructure.
- ATG systems are widely used in energy, chemical, food and agriculture, and transportation sectors.
- Attackers can use authentication bypass, hardcoded credentials, SQL injection, and privilege-escalation flaws.
- Compromised systems may have network settings, tank volumes, pump controls, and alerts altered.
- Organizations are urged to remove internet exposure and strengthen access controls immediately.