Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsible

Exclusive: Iranian Hackers Target U.S. Gas Station Fuel Tanks

Exclusive: U.S. officials have identified Iranian hackers as potential perpetrators of cyber intrusions affecting automatic tank gauge (ATG) systems at gas stations across several states. These systems, which track fuel levels in storage tanks, were found vulnerable due to missing password protections, according to multiple sources familiar with the investigation. While the breaches did not alter actual fuel quantities, they raised concerns about the possibility of undetected leaks or manipulated readings, as highlighted by U.S. government agencies and cybersecurity experts.

Iran’s Cyber Campaign Gains Traction

Exclusive: The suspected involvement of Iran in these attacks stems from its documented history of targeting similar infrastructure. Although definitive proof remains elusive due to limited digital traces left by the hackers, the U.S. Cybersecurity and Infrastructure Security Agency has been probed for comments. The FBI, however, has not yet confirmed any link to Tehran, leaving room for further analysis. This case underscores Iran’s growing focus on disrupting American energy systems through cyber means.

Impact on U.S. Critical Infrastructure

Exclusive: The hacking campaign has exposed vulnerabilities in U.S. infrastructure, particularly in sectors reliant on internet-facing systems. With 75% of Americans reporting financial strain from the Iran-Israel conflict, these breaches have intensified scrutiny on cybersecurity preparedness. Analysts warn that Iran’s strategy of exploiting low-hanging fruit—such as ATGs—could escalate into more sophisticated attacks on vital sectors like power grids or transportation networks.

Exclusive: Since the conflict began in late February, Iranian-linked hackers have been linked to disruptions at oil and gas facilities, shipping delays, and the exposure of sensitive communications. These actions suggest a shift in Iran’s cyber tactics, blending rapid malware development with assertive hacking campaigns targeting media and infrastructure. The U.S. government remains cautious, as Iran’s cyber capabilities are still considered less advanced than those of China or Russia.

Exclusive: The recent attacks on U.S. water utilities following Hamas’s October 7, 2023, assault also point to Iran’s cyber strategy. By leveraging anti-Israel messages in their intrusions, Tehran-linked groups have demonstrated a blend of disruption and psychological influence. Cybersecurity experts note that this approach aligns with Iran’s broader efforts to destabilize U.S. systems while maintaining plausible deniability.

“Iran’s cyber operations have evolved significantly, showing greater speed and integration with psychological campaigns,” said Yossi Karadi, head of Israel’s National Cyber Directorate. “Their actors are now striking at opportunities they find in cyberspace, using tools like AI to enhance their targeting.”

Exclusive: The war with Iran has not only tested military defenses but also highlighted the nation’s cyber vulnerabilities. While the U.S. military has employed cyber tactics to bolster kinetic strikes, the recent breaches at gas stations serve as a reminder of the dual threats posed by both physical and digital attacks. Analysts like Allison Wikoff from PwC emphasize that Iran’s ability to adapt its methods—such as deploying destructive malware and hack-and-leak campaigns—could have lasting implications for U.S. infrastructure security.