In a thorough investigation of gas pumps that use the Guardian aboveground storage tanks (AST) monitoring system in the United States, threat researchers Kyle Wilhoit and Stephen Hilt found that one particular unit had been tampered with. Attackers changed the pump name from “DIESEL” to “WE_ARE_LEGION.”
“The group Anonymous often uses the slogan ‘We Are Legion,’ which might shed light on possible attributions of this attack. But given the nebulous nature of Anonymous, we can’t necessarily attribute this directly to the group,” says Wilhoit, a senior threat researcher from Trend Micro.
[Read: Is Anonymous Attacking Internet Exposed Gas Pump Monitoring Systems in the US?]
The affected system was only one of a total of 1,515 gas pumps in the US that the researchers found connected to the Internet but virtually unsecured against possible attacks.
This development comes on the heels of news that more than 5,000 Internet-facing gas station pumps are also vulnerable to remote access attacks that can lead to the shutdown of these stations.
There is a two-headed problem with current industrial control systems (ICS)/SCADA, such as gas pump systems, which are used to operate and/or automate industrial processes. The first problem is that they're easily found on the Internet.
“Through the power of the Internet, one can easily perform some Google-dork searches and find embedded systems that are exposed to the web, some of which have been so since 2010 or even earlier,” remarks Wilhoit in a paper on SCADA systems in 2013.
Second, Wilhoit also noted how these systems did not have security mechanisms in place to prevent unauthorized access.
[Read: Who Is Really Attacking Your ICS Devices?]
Moreover, we have already seen other systems and operations put in danger because of insecure ICS systems. Early this year, we reported on attackers with knowledge of IT security and ICS processes causing massive damage to a German steel plant in 2014. This incident was confirmed by the German government and was dubbed the second cyber attack to ever cause physical damage since the highly sophisticated Stuxnet malware wreaked havoc on the Natanz uranium enrichment plant in Iran.
[Read: German Steel Plant Suffers Significant Damage from Targeted Attack]
Operators of these systems should level up in terms of security, given the amount of damage that a breach or attack can cause, not just to the company but also to those who rely on them. Imagine what would happen if water or power distribution systems were affected.
[Read: Basic Steps to Protect Your ICS/SCADA Environment]
Security is a must. Fill it up, would you?