A Critical Infrastructure Alert: Automatic tank gauges (ATGs)

Automatic tank gauges (ATGs) are indispensable tools for monitoring and managing critical infrastructure, such as fuel storage, water reservoirs, and chemical tanks. However, these systems are increasingly becoming targets for cyberattacks, exposing vulnerabilities that could have severe consequences.

Recent research has highlighted critical vulnerabilities in ATGs, including:

• Remote Access: Unsecured remote access points can provide a gateway for unauthorized access.
• Weak Default Credentials: Many ATGs ship with default passwords that are easily guessable.
• Lack of Encryption: Sensitive data transmitted between ATGs and control systems may not be encrypted, making it vulnerable to interception

These vulnerabilities could lead to:

• Disruption of essential services: Manipulation of tank levels could disrupt fuel supply, water distribution, or chemical processes.
• Safety hazards: Incorrect tank measurements could lead to overfilling or underfilling, posing risks of spills or shortages.
• Financial losses: Cyberattacks could result in costly downtime and damage to infrastructure.

To mitigate these risks, organizations must:

• Implement robust cybersecurity measures: This includes regularly updating software, using strong passwords, and enabling encryption.
• Conduct regular vulnerability assessments: Identify and address potential weaknesses in ATG systems.
• Train staff on cybersecurity best practices: Ensure that employees are aware of the risks and know how to protect against them.

By taking these steps, organizations can help safeguard their critical infrastructure and prevent costly disruptions.