• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • March 9th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

Gas Stations Offering Internet-linked Fuel Tanks New Target for Hackers

August 11th, 2015 Waqas Security 0 comments
Gas Stations Offering Internet-linked Fuel Tanks New Target for Hackers
Share on FacebookShare on Twitter

In 2013, we at HackRead reported how oil and gas sector faces serious physical and online security threats.

Now researchers have found out that hackers like to hunt for gas stations offering Internet-linked fuel tanks.

With the expansion in modernized gas stations offering Internet-linked fuel tanks, it is also imperative that proper security measures are employed to avoid disasters, claim Trend Micro Security researchers.

anonymous-hacks-mexico-govt-website-demand-justice-for-ruben-espinosa-03

At the Black Hat USA, 2015 Conference in Las Vegas, TrendLabs Forward-Looking Threat Research (FTR) Team comprising of Stephen Hilt and Kyle Wilhoit presented their most recent research. The team also disclosed their GasPot experiment.

According to the team, they tested a honeypot to discover how today’s hackers viewed internet-connected gas tanks.

In this experiment, they created fake gas tanks mimicking Guardian AST gas-tank-monitoring systems. The system has received a series of unexplainable attacks right from the beginning of 2015.

According to their research, hackers fell prey to their experiment and soon underground groups and text snippets on Pastebin started popping up as hackers started providing information to one another.

All about GasPots:

GasPots are the fake gas tanks created by TrendLabs team. The name has been inspired from HoneyPots. These acted as the servers configured for mimicking as a genuine gas tank. These also contained a Python script that recorded all of its activities.

GasPots were designed particularly for transmitting fake gas tank data as well as observing for any kind of commands from someone trying to feed the system via Internet-accessible terminal.

Several countries including Russia, USA, Germany, United Arab Emirates and Great Britain have deployed GasPots already.

 Location of GasPot instances

Location of GasPot instances | Image Source: Trend Micro

After analyzing the collected data in the logs, the team concluded that the most predominant activity was related to the standard GET commands, which were used to inquire about the gas tanks typically used by automatic scanners.

The DDOSed Gas Tank:

Some of the commands were entered in the gas tank honeypots such as ones inquiring about tank’s details and those that attempted to change its name.

The names of some gas tanks were eventually changed, but the most surprising discovery was that at one point, a 2Gbps DDoS attack was also recorded at GasPots located in Washington. The source, reveals preliminary evidence, was the Syrian Electronic Army/SEA.

Research team also claimed that they

“have not seen the SEA use this technique in previous attacks, [and this] could have been performed by another group or person who wants to put the blame on the SEA.”

US gas stations Most Favorite Target of Hackers

According to the logs, a majority of the attacks originated from countries like Iran, China, Russia, Syria, USA, Canada, Romania and Mexico but most of them utilized secured VPN links and thus, their actual location remained dubious.

Around 44% of the recorded attacks were directed towards gas tanks in the US, 17% to Jordan and 11% was recorded in Great Britain, Brazil and the United Arab Emirates.

Report typos and corrections to admin@hackread.com

[src src=”Source + Full Report in PDF” url=”http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_the_gaspot_experiment.pdf”]TrendMicro[/src]

  • Tags
  • anonymous
  • Cyber Attack
  • DDOS
  • Energy
  • Gas Stations
  • Oil
  • security
  • Syrian Electronic Army
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article Anonymous Hacks Mexican Govt Website, Demand Justice For Rubén Espinosa
Next article Facebook API Security Flaw Left 1.44 Billion Users’ Identities at Risk
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
European Banking Authority victim in Microsoft Exchange Server hack

European Banking Authority victim in Microsoft Exchange Server hack

FluBot Android malware mimics FedEx, Chrome apps to steal user data

FluBot Android malware mimics FedEx, Chrome apps to steal user data

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
European Banking Authority victim in Microsoft Exchange Server hack
Hacking News

European Banking Authority victim in Microsoft Exchange Server hack

FluBot Android malware mimics FedEx, Chrome apps to steal user data
Android

FluBot Android malware mimics FedEx, Chrome apps to steal user data

John McAfee Charged with Fraud in Cryptocurrency Scam
Cyber Crime

John McAfee Charged with Fraud in Cryptocurrency Scam

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us