Iranian hackers' ATG cyberattack campaign
Campaign
Summary
Hide ▲
Show ▼
Iranian threat groups launched a barrage of cyberattacks after the conflict began, broadening pressure on US gas-station fuel-monitoring systems and signaling continued risk to exposed critical infrastructure. The activity reportedly involved automatic tank gauge (ATG) systems that were reachable online and lacked password protection. Attackers changed display readings without altering actual fuel levels, showing how small OT weaknesses can be used for intimidation and disruption. The reporting says there was no significant disruption to US fuel-related infrastructure at the time, but the operation still demonstrates conflict-linked cyber reach.
Related Happenings
Automatic tank gauge (ATG) systems ongoing attacks
Exploitation Wave
H score25
First: 05.06.2026 17:50
Last: 05.06.2026 17:50
Sources 1
How related:
Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been found exposed online and are vulnerable to ongoing attacks.
About this happening:
**Over 900 internet-exposed ATG systems** across the United States are being targeted in **ongoing attacks**, creating risk of **alert tampering**, **fuel or chemical leaks**, and...
Automatic tank gauge (ATG) systems ongoing attacks
Exploitation WaveHow related: Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been found exposed online and are vulnerable to ongoing attacks.
About this happening: **Over 900 internet-exposed ATG systems** across the United States are being targeted in **ongoing attacks**, creating risk of **alert tampering**, **fuel or chemical leaks**, and...
CISA-led joint advisory to secure internet-exposed ATG systems
Public Sector Action
H score43
First: 05.06.2026 17:50
Last: 05.06.2026 17:50
Sources 1
How related:
On Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the NSA, the Department of Energy, and other U.S. government partners issued a joint advisory warning critical infrastructure organizations to secure internet-exposed ATG systems against ongoing attacks.
About this happening:
On **2026-06-05**, **CISA**, the **FBI**, the **NSA**, the **Department of Energy**, and other U.S. partners issued a **joint advisory** telling **critical infrastructure organiza...
CISA-led joint advisory to secure internet-exposed ATG systems
Public Sector ActionHow related: On Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the NSA, the Department of Energy, and other U.S. government partners issued a joint advisory warning critical infrastructure organizations to secure internet-exposed ATG systems against ongoing attacks.
About this happening: On **2026-06-05**, **CISA**, the **FBI**, the **NSA**, the **Department of Energy**, and other U.S. partners issued a **joint advisory** telling **critical infrastructure organiza...
CISA automatic tank gauge system mitigations
Advisory/Mitigation
H score20
First: 02.06.2026 15:00
Last: 02.06.2026 15:00
Sources 1
How related:
On Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the NSA, the Department of Energy, and other U.S. government partners issued a joint advisory warning critical infrastructure organizations to secure internet-exposed ATG systems against ongoing attacks.
About this happening:
**CISA**, **FBI**, **NSA**, and the **Department of Energy** warned that attackers are targeting **internet-exposed automatic tank gauge (ATG) systems** used to monitor fuel and l...
CISA automatic tank gauge system mitigations
Advisory/MitigationHow related: On Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the NSA, the Department of Energy, and other U.S. government partners issued a joint advisory warning critical infrastructure organizations to secure internet-exposed ATG systems against ongoing attacks.
About this happening: **CISA**, **FBI**, **NSA**, and the **Department of Energy** warned that attackers are targeting **internet-exposed automatic tank gauge (ATG) systems** used to monitor fuel and l...
US government warning on Iran-affiliated critical infrastructure disruption risk
Public Sector Action
H score24
First: 18.05.2026 18:41
Last: 18.05.2026 18:41
Sources 1
How related:
Last month, the US government warned that Iran-affiliated threat actors were disrupting US critical infrastructure through attacks on Internet-exposed operational technology (OT) devices across various sectors.
About this happening:
The **US government** warned that **Iran-affiliated threat actors** were disrupting **US critical infrastructure** through attacks on **Internet-exposed OT devices** across **mult...
US government warning on Iran-affiliated critical infrastructure disruption risk
Public Sector ActionHow related: Last month, the US government warned that Iran-affiliated threat actors were disrupting US critical infrastructure through attacks on Internet-exposed operational technology (OT) devices across various sectors.
About this happening: The **US government** warned that **Iran-affiliated threat actors** were disrupting **US critical infrastructure** through attacks on **Internet-exposed OT devices** across **mult...
NCSC-UK joint advisory on covert botnets and proxy networks
Public Sector Action
H score66
First: 23.04.2026 15:28
Last: 23.04.2026 15:28
Sources 1
About this happening:
**NCSC-UK** and partner agencies issued a **joint advisory** warning that **China-nexus hackers** are using **hijacked consumer devices** as covert proxy networks to hide maliciou...
NCSC-UK joint advisory on covert botnets and proxy networks
Public Sector ActionAbout this happening: **NCSC-UK** and partner agencies issued a **joint advisory** warning that **China-nexus hackers** are using **hijacked consumer devices** as covert proxy networks to hide maliciou...
Timeline
-
18.05.2026 18:41 3 articles · 1mo ago
Iranian hackers allegedly breach exposed ATG systems at US gas stations
Initial DisclosureIranian threat actors allegedly exploited Internet-exposed automatic tank gauge (ATG) systems with no password protections at gas stations around the US, changing display readings on tanks without altering the actual fuel levels. The reporting attributes the activity to Iran while noting that there has been no significant disruption to US fuel-related critical infrastructure so far.
Show sources
- Fuel Tank Breaches Expand Scope of Iran's Cyber Offensive — www.darkreading.com — 18.05.2026 18:41
- Fuel Tank Breaches Expand Scope of Iran's Cyber Offensive — www.darkreading.com — 18.05.2026 18:41
- Over 900 US gas station tank gauge systems exposed to attacks — www.bleepingcomputer.com — 05.06.2026 17:50