Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA automatic tank gauge system mitigations

Advisory/Mitigation
First reported
Last updated
Happening score
H score 20
2 unique sources, 3 articles

Summary

Hide ▲

CISA, FBI, NSA, and the Department of Energy warned that attackers are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage tanks across Energy, Chemical, Food and Agriculture, and Transportation Systems sectors. The activity involves compromise through authentication bypass, hardcoded credentials, command-execution flaws, SQL injection, and privilege escalation, after which attackers can modify network settings, product identifiers, tank volumes, and pump controls, and disable alerts. The agencies urged operators to block ATG systems from the internet, restrict remote access with firewalls, VPNs, or access control lists, replace default passwords, use strong credentials and multifactor authentication, apply security updates, and monitor for unauthorized changes.

Related Happenings

Automatic tank gauge (ATG) systems ongoing attacks

Exploitation Wave
H score25 First: 05.06.2026 17:50 Last: 05.06.2026 17:50 Sources 1

How related: Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been found exposed online and are vulnerable to ongoing attacks.

About this happening: Over 900 internet-exposed ATG systems across the United States are being targeted in ongoing attacks, creating risk of alert tampering, fuel or chemical leaks, and...

CISA-led joint advisory to secure internet-exposed ATG systems

Public Sector Action
H score43 First: 05.06.2026 17:50 Last: 05.06.2026 17:50 Sources 1

How related: On Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the NSA, the Department of Energy, and other U.S. government partners issued a joint advisory warning critical infrastructure organizations to secure internet-exposed ATG systems against ongoing attacks.

About this happening: On 2026-06-05, CISA, the FBI, the NSA, the Department of Energy, and other U.S. partners issued a joint advisory telling critical infrastructure organiza...

Iranian hackers' ATG cyberattack campaign

Campaign
H score37 First: 18.05.2026 18:41 Last: 18.05.2026 18:41 Sources 1

How related: CISA's warning comes after a May CNN report that Iranian hackers had breached ATG systems connected to the Internet at multiple gas stations across the United States.

About this happening: Iranian threat groups launched a barrage of cyberattacks after the conflict began, broadening pressure on US gas-station fuel-monitoring systems and signaling continued ri...

CISA and NCSC-UK China-nexus covert device networks advisory

Advisory/Mitigation
H score25 First: 23.04.2026 15:00 Last: 23.04.2026 15:00 Sources 1

About this happening: CISA and NCSC-UK released a new advisory warning organizations about Chinese government-linked covert networks built from compromised devices. The guidance says we...

CISA KEV directive for CVE-2026-20133

Public Sector Action
H score36 First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On Monday, April 21, 2026, CISA added CVE-2026-20133 to the KEV Catalog and ordered FCEB agencies to secure their networks by Friday, April 24. The directi...

Timeline

  1. 02.06.2026 15:00 4 articles · 1mo ago

    CISA publishes ATG system mitigation guidance

    Mitigation Patch Update

    CISA and government partners published a joint fact sheet recommending that owners and operators of U.S.-based automatic tank gauge (ATG) systems use strong passwords, remove ATG systems from the internet, and audit and monitor logs to reduce the risk of compromise that could disrupt tank monitoring, create undetected leaks, and cause environmental or physical damage.

    Show sources