Security Software Firms Ramp Up Fear of Cyber Attack on Fuel Tank Gauges
Security Software Firms Ramp Up Fear of Cyber Attack on Fuel Tank Gauges
Veeder-Root, a petroleum equipment service company specializing in monitoring
tanks for oil companies, government and retailers, told OPIS on Monday that it
has received inquiry on cyber-security concerns about its fuel tank gauge
devices, and it has determined the impact to be less than 100 sites globally.
Alan English, director of brand development and marketing at Veeder-Root was
responding to an OPIS inquiry about a real-time alert on a large-scale DDoS
(distributed denial-of-service) attack affecting the global oil industry.
Veeder-Root automated tank gauges (ATGs) are used at 95% of the U.S. retail
fuel stations, according to the company. Veeder-Root is a Connecticut-based
company that specializes in automated tank gauges. It has more than half a
million customers around the world, according to the company's website.
ATGs are used to monitor fuel-tank inventory levels, track deliveries, raise
alarms that indicate problems with the tank or gauge (such as a fuel spill) and
to perform leak tests in accordance with environmental regulatory
compliance.ATGs are used by nearly every fueling station in the United States
and tens of thousands of systems internationally.
A security breach on ATGs could raise issues with fuel compliance, fuel theft
and terrorism.
"As always, the first level of defense is maintaining a secure network,
protected by an internet firewall," English said, adding that there is no new
development on a new wave of cyberattacks on ATGs.
"Nothing new that we are aware of. Standard security concerns being used to
market firewall products," he said.
Last week, Titan Cloud, a software company, said that it believed "a
large-scale DDoS attack is underway targeting ATGs (Automatic Tank Gauges) with
public IPs. We've identified the attacker's IP as 194.193.188.109, which seems
to originate from Australia."
"These attacks were first reported first of the New Year but have been
increasing in frequency and severity. Symptoms are ATGs locking out access
sporadically, refusing all other connection options and thus preventing
visibility into fuel levels and alarms. This is causing frequent run outs and
loss of alarm notifications, meaning catastrophic ATG alarms will be missed.You
may be mistakenly replacing IP cards," Titan Cloud added.
English said that Veeder-Root strongly recommends to its customers to take
steps to ensure their TLS (transport layer security) consoles at retail fuel
stations are secure.
"As communications have improved over the years so has the potential for
intruders to gain access to many devices through the internet. To protect
against malicious attacks, people and businesses commonly install a router to
guard their network at home or at work," he said.
"Automatic Tank Gauges are now accessible over the internet and allow users to
remotely manage their inventories and compliance faster and easier than we
could have 10 years ago. The same precautions taken to protect your home
computer should be implemented for your TLS console," English said.
Using a router and the security features available in the console will help
keep you connected and keep others out, he added.
A retailer told OPIS that he would be following the Veeder-Root advice to
change the default port setting for the TLS devices at his stations.
Meanwhile, Nexusguard, a software company, said that its quarterly report,
which measures thousands of DDoS attacks around the world, showed
communications service providers were targeted by 65.5% of DDoS attacks in the
third quarter of 2018, given their extensive networks enabling access to
tenants' assets.
Attackers were found to have contaminated a diverse pool of IP addresses across
hundreds of IP prefixes (at least 527 Class C networks, according to
Nexusguardfindings) with very small-sized junk traffic. As a result, the
year-over-year average attack size in the quarter fell measurably - 82%.
That Nexusguard report also showed China advanced its lead of global attack
origins, contributing more than 23% of worldwide campaign, and 15% of attacks
originated in the U.S.
--Edgar Ang, eang@opisnet.com
tanks for oil companies, government and retailers, told OPIS on Monday that it
has received inquiry on cyber-security concerns about its fuel tank gauge
devices, and it has determined the impact to be less than 100 sites globally.
Alan English, director of brand development and marketing at Veeder-Root was
responding to an OPIS inquiry about a real-time alert on a large-scale DDoS
(distributed denial-of-service) attack affecting the global oil industry.
Veeder-Root automated tank gauges (ATGs) are used at 95% of the U.S. retail
fuel stations, according to the company. Veeder-Root is a Connecticut-based
company that specializes in automated tank gauges. It has more than half a
million customers around the world, according to the company's website.
ATGs are used to monitor fuel-tank inventory levels, track deliveries, raise
alarms that indicate problems with the tank or gauge (such as a fuel spill) and
to perform leak tests in accordance with environmental regulatory
compliance.ATGs are used by nearly every fueling station in the United States
and tens of thousands of systems internationally.
A security breach on ATGs could raise issues with fuel compliance, fuel theft
and terrorism.
"As always, the first level of defense is maintaining a secure network,
protected by an internet firewall," English said, adding that there is no new
development on a new wave of cyberattacks on ATGs.
"Nothing new that we are aware of. Standard security concerns being used to
market firewall products," he said.
Last week, Titan Cloud, a software company, said that it believed "a
large-scale DDoS attack is underway targeting ATGs (Automatic Tank Gauges) with
public IPs. We've identified the attacker's IP as 194.193.188.109, which seems
to originate from Australia."
"These attacks were first reported first of the New Year but have been
increasing in frequency and severity. Symptoms are ATGs locking out access
sporadically, refusing all other connection options and thus preventing
visibility into fuel levels and alarms. This is causing frequent run outs and
loss of alarm notifications, meaning catastrophic ATG alarms will be missed.You
may be mistakenly replacing IP cards," Titan Cloud added.
English said that Veeder-Root strongly recommends to its customers to take
steps to ensure their TLS (transport layer security) consoles at retail fuel
stations are secure.
"As communications have improved over the years so has the potential for
intruders to gain access to many devices through the internet. To protect
against malicious attacks, people and businesses commonly install a router to
guard their network at home or at work," he said.
"Automatic Tank Gauges are now accessible over the internet and allow users to
remotely manage their inventories and compliance faster and easier than we
could have 10 years ago. The same precautions taken to protect your home
computer should be implemented for your TLS console," English said.
Using a router and the security features available in the console will help
keep you connected and keep others out, he added.
A retailer told OPIS that he would be following the Veeder-Root advice to
change the default port setting for the TLS devices at his stations.
Meanwhile, Nexusguard, a software company, said that its quarterly report,
which measures thousands of DDoS attacks around the world, showed
communications service providers were targeted by 65.5% of DDoS attacks in the
third quarter of 2018, given their extensive networks enabling access to
tenants' assets.
Attackers were found to have contaminated a diverse pool of IP addresses across
hundreds of IP prefixes (at least 527 Class C networks, according to
Nexusguardfindings) with very small-sized junk traffic. As a result, the
year-over-year average attack size in the quarter fell measurably - 82%.
That Nexusguard report also showed China advanced its lead of global attack
origins, contributing more than 23% of worldwide campaign, and 15% of attacks
originated in the U.S.
--Edgar Ang, eang@opisnet.com
Powered By GrowthZone