Federal Agencies Urge ATG Action to Mitigate Cybersecurity Risks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning of active malicious cyber activity targeting automatic tank gauge (ATG) systems at fuel storage facilities across the United States. Federal agencies, including the FBI, NSA, EPA, DOT have observed threat actors exploiting internet-exposed ATG systems to gain unauthorized access, execute commands, alter tank parameters and pump controls, disable system alerts, and create conditions that could mask leaks or cause physical damage to tank infrastructure. Due to the advisory, EMA urges marketers to take immediate action:

• Remove ATG systems from public internet exposure — use firewalls, VPNs, or access control lists for any necessary remote access.
• Change default passwords immediately and implement strong, unique credentials with multifactor authentication where feasible.
• Apply available security patches in coordination with certified ATG service providers
• Monitor networks for unauthorized access and report suspicious activity to CISA at report@cisa.gov or 888-282-0870.

CISA has created an online resource that compiles guidance for marketers. IFFA members with questions or concerns are encourged to reach out directly.