Iranian Hackers Suspected of Accessing Unprotected US Gas Station Tank Monitors

US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states. The hackers exploited automatic tank gauge (ATG) systems that were sitting online and unprotected by passwords. In some cases they were able to tinker with display readings on the tanks but not the actual levels of fuel in them.

The cyber intrusions are not known to have caused physical damage or harm. Gaining access to an ATG could in theory allow a hacker to make a gas leak go undetected, according to private experts and US officials. Iran’s history of targeting the gas tank systems is one reason the country is a top suspect, sources briefed on the investigation said.

The US government may not be able to definitively determine who was responsible because of a lack of forensic evidence left by the hackers. CNN has requested comment on the ATG hack from the US Cybersecurity and Infrastructure Security Agency. The FBI declined to comment.

If confirmed, the activity would add to a string of Tehran-linked operations against US infrastructure since the war began in late February. Tehran-linked hackers have caused disruptions at multiple US oil and gas and water sites. They have also caused shipping delays at Stryker, a major US medical device maker, and leaked the private emails of FBI Director Kash Patel.

One of the groups, calling itself Handala after a Palestinian cartoon character, taunted Patel while claiming it had breached the FBI’s “impenetrable” computer systems. In reality, the hackers got into Patel’s years-old Gmail emails. ” Karadi would not comment on whether any Iranian cyber operatives were killed in that strike, citing his agency’s mandate which is limited to cyber defense.

Orleans offered two reasons there have not been more incidents. “The first is that Iran appears to have lacked the lines of access to deliver sustained effects, or we likely would’ve seen more incidents like Stryker,” he said. US intelligence agencies have long considered Iran’s cyber capabilities inferior to those of China or Russia.

After Hamas attacked Israel on October 7, 2023, US officials blamed hackers affiliated with Iran’s Islamic Revolutionary Guard Corps for a series of attacks on US water utilities that displayed an anti-Israel message on equipment used to manage water pressure.

In 2015, security firm Trend Micro put mock ATG systems online to see what kind of hackers would target them. A 2021 report from Sky News cited internal documents from the Islamic Revolutionary Guard Corps that singled out ATGs as a potential target for a disruptive cyberattack on gas stations.

Seventy-five percent of US adults surveyed in a recent CNN poll said the Iran war had a negative effect on their finances. In the 2020 election, federal agencies including CISA blamed Iran for a scheme that impersonated the far-right Proud Boys to try to intimidate voters.

During the 2024 US presidential election, Iranian hackers breached the Trump campaign and sent internal documents from it to news organizations.