engadget has an informative summary article about how Gas Stations are being targeted with Cyber Security attacks. In it they show how Trend Micro researchers proved that Gas Stations in the United States are the most targeted in a pool of other countries.
And they have been successful. Does this mean you need to wear flame-proof suits when filling up at your local gas station?
After a gas station monitoring system was hacked earlier this year, Trend Micro researchers Kyle Wilhoit and Stephen Hilt decided to take a closer look.
They set up fake internet-connected systems called “GasPots” — honeypots that mimic the real ones — in several countries to track hackers’ movements. Turns out gas monitors are never safe: the researchers observed a number of attacks on their GasPots within a period of six months, with US-based ones being the most targeted.
Attackers were likely members of foreign nation states, including the Iranian Dark Coders Team as well as Anonymous (WE_ARE_LEGION).
So, how bad is it? Does filling up your car now qualify you for Hazard Pay? It’s not that bad, thank goodness, though it definitely needs improvement.
The attacks targeted Gas monitoring systems, or automated tank gauges (ATG), that keep an eye on fuel levels, volume and temperature, among other stats.
While they can’t blow up a gas station, they could perform Denial of Service (DoS) outages…which coordinated with other Infrastructure outages could prove to be dangerous and effective.
The reseachers concluded,
“that supervisory systems shouldn’t be connected to the internet. If they really need to be, their security should be so strong that access to them is extremely limited and private.”