Thousands of automated tank gauges (ATGs) used by fuel stations around the US are at risk of malicious attacks because they are connected to the Internet without any password protection.

Dangerously Vulnerable Automated Tank Gauges

An attacker with access to these devices would be able to reset the system, report erroneous data, generate false alarms and lock others out, security vendor Rapid7 said in a blog post.

“An attack may be able to prevent the use of the fuel tank entirely by changing access settings and simulating false conditions, triggering a manual shutdown,” Rapid7 Chief Security Officer HD Moore wrote in the post.

Kachoolie, a company that helps fuel stations enable the Internet on ATGs, alerted Rapid7 of this vulnerability earlier this month. In response, Rapid7 conducted a global Internet scan for exposed ATGs and discovered 5,800 of them could be freely accessed on the Internet without any passwords to protect them.

Of that number, 5,300 were located in retail fuel stations, truck stops and convenience stores scattered around the United States. Vulnerable pumps were found in locations belonging to several major brands and franchises.

Asset Management and Alerting System

An ATG is a fuel asset management system that helps operators keep tabs on fuel levels in a tank and warns them about leaks and other potentially hazardous conditions. Veeder-Root, one of the largest ATG providers in the country, describes its ATGs as systems that help fuel stations avoid runouts and haulbacks, quickly troubleshoot and diagnose problems and issue alerts based on specific conditions.

Fuel station owners often enable their ATGs with the Internet via Transmission Control Protocol/Internet Protocol cards or a serial port server so they can be remotely controlled and managed over the Web, Moore said. However, in so doing, many do not implement any password protection, leaving the control ports on the devices completely open for anyone to access via the Web.

Big Risk

Attackers could reconfigure alarm thresholds, disrupt fuel tank operations, change access settings and simulate false-alarm conditions to prompt a manual shutdown. According to Moore, an attacker could potentially shut down more than 5,300 U.S. fueling stations with little effort.

So far, Moore said, there is no indication that any vulnerable ATGs are actually being maliciously exploited. However, it would be hard for anyone to tell the difference between fuel tank problems caused by a malicious attack and one resulting from a system failure.

Internet of Things Will Exacerbate Problems

Such issues could become much more prevalent as more devices and “things” are connected to the Internet in coming years. Analyst firms such as Gartner and IDC estimate that anywhere between 26 billion and a staggering 212 billion devices — from connected cars, smart meters and intelligent lighting systems to smart watches and jewelry — will be IP-enabled by 2020.

Many of these devices will have embedded operating systems and use a diverse range of communication protocols to connect to the Internet. Some systems will have built-in connectivity out of the box while others will need to be activated. “Ghost” devices with unused Internet connectivity will be common, according to Gartner. The challenges associated with managing these devices in a secure manner will be enormous and often beyond the capabilities of traditional IT departments, the analyst firm warned in an alert last year on the security concerns associated with the Internet of Things (IoT).

The IoT trend will force chief information security officers (CISOs) to reevaluate current approaches to IT security and drive sweeping changes in areas such as application testing, identity and access management and vulnerability testing. To secure the IoT, CISOs will have to blend mobile and cloud security strategies as well as approaches used to protect industrial control, physical security and automation equipment.