Cybersecurity officials in the United States are investigating a series of breaches targeting fuel monitoring systems at gas stations, with early assessments suggesting possible involvement of Iranian-linked hackers.
The attacks focused on systems used to track fuel levels in storage tanks, though no physical damage or fuel leaks have been reported so far.
Hackers target fuel monitoring systems
The compromised systems, known as automatic tank gauge (ATG) systems, were reportedly exposed online without proper password protection.
According to sources familiar with the investigation, the hackers were able to access these systems and, in some cases, alter display readings showing fuel levels.
However, officials confirmed that the actual fuel quantities in storage tanks were not affected.
Concerns over critical infrastructure security
While no physical harm has occurred, experts warn that access to ATG systems could potentially allow attackers to mask real fuel leaks or disrupt monitoring processes.
This has raised broader concerns about vulnerabilities in US critical infrastructure, particularly systems connected to oil and gas operations.
US officials suspect that the cyber activity may be linked to Iranian hacking groups, based on past incidents involving similar targeting of infrastructure systems.
The US Cybersecurity and Infrastructure Security Agency and the FBI have not publicly confirmed responsibility, and forensic evidence remains limited.
Investigators say Iran has previously targeted US infrastructure systems, including water utilities and energy-related networks.
Cybersecurity researchers have long warned that internet-connected industrial systems, including ATGs, are often poorly secured and attractive targets for hackers.
In past incidents, Iran-linked groups have also been accused of cyber disruptions involving US companies and government-linked systems.
The report highlights a broader escalation in cyber operations during ongoing geopolitical tensions involving Iran, the United States, and Israel.
Experts say Iranian cyber activity has become more frequent and more sophisticated, including data leaks, phishing campaigns, and infrastructure disruptions.
