Image
“In order to monitor these systems remotely, many operators use a TCP/IP card or a third-party serial port server to map the ATG serial interface to an internet-facing TCP port. The most common configuration is to map these to TCP port 10001. Although some systems have the capability to password protect the serial interfaces, this is not commonly implemented.”“Remote access to the control port of an ATG could provide an attacker with the ability to reconfigure alarm thresholds, reset the system, and otherwise disrupt the operation of the fuel tank,” warned Moore. “An attack may be able to prevent the use of the fuel tank entirely by changing access settings and simulating false conditions, triggering a manual shutdown. Theoretically, an attacker could shut down over 5,300 fueling stations in the United States with little effort.” Tripwire security analyst Ken Westin said this instance is another reminder that when everything is connected, everything is vulnerable:
"Many industrial sensors are increasingly becoming connected to the Internet, either through embedded systems or through add-on components, which increases the risk substantially particularly when proper care is not taken with regards to securing the device and network they connect to."Although the attack doesn’t appear to be currently exploited in the while, the security researcher recommends operators take action to help mitigate or remediate the issue, such as using a VPN (virtual private network) gateway or other dedicated hardware interface to connect the ATG with their monitoring service. Other less-secure options include applying source IP address filters or setting a password on each serial port.
