Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: atg (1 article)Clear

CISA, FBI, NSA warn hackers are modifying internet-exposed fuel tank gauge (ATG) systems - prior activity linked to Iran

CISA, the FBI, the NSA, the Department of Energy, and partners have warned that threat actors are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage across the Energy, Chemical, Food and Agriculture, and Transportation sectors. Attackers gain access via authentication-bypass flaws, hardcoded credentials, OS command-execution bugs, SQL injection, and privilege escalation, then modify network settings, product identifiers, tank volumes, and pump controls, and can disable alerts - raising the risk of leaks or equipment failure. The advisory does not formally attribute the activity, but it follows May CNN reporting linking Iranian hackers to similar ATG breaches. Agencies urge removing ATG systems from the internet.

Check
Inventory automatic tank gauge (ATG) systems and confirm none are internet-exposed. Replace default passwords, enable MFA, and review device logs for unauthorized changes to settings, volumes, or pump controls.
Affected
Internet-exposed ATG systems across Energy, Chemical, Food and Agriculture, and Transportation sectors. Access via auth-bypass, hardcoded credentials, command-execution, SQL injection, and privilege-escalation flaws. Prior activity linked to Iran.
Fix
Remove ATG systems from the internet; restrict remote access via firewalls, VPNs, or ACLs. Replace default credentials, enforce MFA, apply updates, and monitor for unauthorized configuration changes.