OT Security Iran suspected in breaching automatic tank gauges at US gas stations May 19, 2026 Share By Laura French Automatic tank gauges (ATGs) at gas stations in several U.S. states were reportedly breached by suspected Iranian hackers, CNN reported on Friday . The news outlet cited unnamed sources who were briefed by U.S. officials about the attacks, which targeted ATG systems that were exposed to the internet without password protection. Officials were said to have made the attribution based in part on Iran’s past targeting of gas tank systems. The report follows alerts published last month by the Energy Marketers of America (EMA) trade association, which published an advisory on April 14, 2026, warning of suspected Iran-backed attacks on ATGs nationwide. The EMA said it specifically knew of attacks on systems in Tennessee, with one convenience store chain having 15 of its tanks affected. In some cases, fuel tank and sensor information were deleted by attackers, EMA said. The EMA advisory further stated that the attacks involved “several successful attempts” to change the settings on internet-exposed Veeder-Root TLD-350 and TLS-450 Plus series consoles without password protection. Veeder-Root is the most commonly used ATG vendor, according to EMA. In a second advisory published around April 30, which was republished by the Texas Food & Fuel Association, states the Tennessee Fuel & Convenience Store Association (TFCA) reported the attacks and that the EMA and TFCA worked with the Department of Energy’s Cybersecurity, Energy Security an Emergency Response (DOE CESER) team and the Cybersecurity and Infrastructure Security Agency (CISA) to coordinate a response to the attacks. The April 30 advisory included a link to a threat memo from the DOE Energy Threat Analysis Center (ETAC) regarding ATG manipulation by cyber threat actors, but the memo no longer appears to be available online. It is unclear if the attacks reported by EMA are the same as those referred to in the CNN report, although the details appear similar. Thousands of ATG systems exposed online, experts say None of the reported attacks are said to have caused physical damage but could have caused readings displayed on fuel tanks to be inaccurate. Workers rely on these readings to help prevent leaks, spills and more. “Threat actors who gain access to these systems could overfill tanks and trigger environmental disasters, disable critical safety alarms, or override physical relays to cause permanent, irreversible damage to equipment,” warned Bitsight Principal Research Scientist Ben Edwards in an email to SC Media. Bitsight has previously conducted research on critical vulnerabilities in ATG systems and monitors the exposure of these systems over the public internet. In 2024, the cybersecurity company discovered 10 new vulnerabilities across ATG systems from five different vendors, seven of which were critical and two of which had maximum CVSS scores of 10.0. “Bitsight’s research has found that thousands of ATG systems remain directly accessible over the public internet, completely exposed to anyone who knows where to look — and we continue to find new systems coming online every day,” Edwards said. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has previously issued industrial control system (ICS) advisories regarding ATG flaws, including an alert in October 2025 about a critical vulnerability affecting TLS4B ATG systems by Veeder-Root. However, it’s notable that the recently reported attacks seemingly targeted systems without passwords rather than exploiting any specific vulnerability. “In this case, the issue does not appear to be that attackers used an exotic capability to manipulate fuel systems […] Basic cybersecurity hygiene requires unique passwords, no default passwords, and certainly you need to have a password,” said CBTS vCISO John Bruggeman in comments to SC Media. “The lack of this basic function gave attackers a path into equipment that should never have been that easy to reach.” Bruggeman noted that part of the challenge is the decentralized nature of the U.S. economy, which means that many of the vendors that make up the nation’s critical infrastructure are small, local business that may lack robust cybersecurity programs. “Some people think about critical infrastructure as if it is just a federal problem, but much of the exposure is sitting in plain sight at the local level,” Bruggeman said. John Gallagher, vice president of Viakoo Labs, told SC Media that another part of the problem is that many operational technology (OT) systems, such as ATGs, are “not planned with cybersecurity in mind” and are widely distributed “unlike IT systems inside data centers.” “To mitigate these risks, fuel system operators should urgently review their network setup [and] remove or block external network access. In addition the manufacturers of fuel systems should be providing guidance on key basic cyber hygiene requirements: how to set up multi-factor authentication, how to update firmware, how to change passwords, and so forth,” Gallagher said. Laura French Related IoT Thousands of Yarbo robotic lawnmowers exposed with identical default passwords SC Staff May 18, 2026 Security researcher Andreas Makris discovered that Yarbo robotic lawnmowers, which operate in over 30 countries and are equipped with cameras, GPS, and AI mapping, used the same default passwords. OT Security U.S. oil and gas sector faces OT security challenges post-Operation Epic Fury SC Staff May 8, 2026 A survey of OT decision-makers in the U.S. oil and gas sector found that 87% of operators are confident in detecting an OT breach within 24 hours. Zero trust Federal zero trust guidelines for OT environments unveiled SC Staff May 1, 2026 Mounting cybersecurity threats against operational technology networks stemming from the growing interconnectedness of industrial systems have prompted the Cybersecurity and Infrastructure Security and other federal agencies to issue joint guidance on implementing zero trust across OT systems, reports Infosecurity Magazine. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe You can skip this ad in 5 seconds