Posted in | News

Web Hackers Now Targeting IOT Connected Gas Pumps

Image credit: pathdoc / Shutterstock.com

From energy efficiency in the smart home, enhancing entire healthcare systems, to state-of-the art farming techniques in agriculture and even advances in combatting climate change, the internet-of-things (IoT) can provide many benefits.

However, a recent study completed by Trend Micro research has unearthed plans to compromise internet-connected gas-pumps. Uncovering IoT threats in the cybercrime underground is the primary focus of the paper titled, The Internet of Things in the Cybercrime Underground, and finds that there has been a surge in discussions on the ‘dark-web’ regarding gas-pump hacking.

What’s more is that the report analyzed five underground communities based on the principal language used in each; English, Russian, Portuguese, Arabic, and Spanish, which leads to the assumption that many of the threats are not only localized. Rather, they span the entire globe which include cyber-attacks on information legitimate institutions, industry, electricity meters and even devices such as webcams, printers and routers.

The discussion regarding the malicious attacks on IoT connected gas pumps peaked in the Russian and Portuguese speaking communities. The report found that tutorials on the inner workings of commercial gas pumps, including programmable logic controllers (PLCs)” were distributed throughout these dark-web communities. Whilst it is commonly believed that the primary goal of these particular hackers is to gain access to resources for little to no cost, more malign potentialities do exist.

The dark-web, like the regular internet, is a network of websites. However, it is much more difficult for the everyday web user to access and negotiate due to the requirements of a virtual private network (VPN), to encrypt web-traffic, and a specific TOR web-browser.

This enables users to hide their identity and also websites to operate anonymously making it a scene for illegal activity. Whilst most of the sites and forums on the dark web had requests for hacking methods for everyday devices such as webcams, they also found a spike in requests for PLCs, which are used on IoT connected gas pumps and in factories to manage machinery remotely.

Gaining access to PLCs enables DDoS attacks which can have huge consequences such as the synchronized cyber-attack on a Ukrainian power plant that left swathes of the country without power. While, this leads to very real concerns about how further exploiting vulnerabilities in IoT systems could impact the day-to-day lives of people all over the world, the major concern for government and industry is that it opens up the possibility for scenarios involving extortion.

Recent attacks on gas pumps have been less malicious with the Trend Micro report stating how one author teaches those in the forum how to change a tank name to “cashew juice” as an example. However, hackers could also send other commands to the gas pump and even change the tank limit so that it overflows and whilst instructions, “so far lack a clear monetization plan beyond selling the physical modified devices” this is a real concern going forward.

So, the fact that there is very real concern regarding the hacking of IoT connected gas pumps researchers there are methods and counterstrategies that can be deployed to help protect them, and similar devices going forward.

This includes the consistent update and renewal of passwords and using encryption techniques similar to that of those perpetrating cyber-attacks as well as ensuring all software is updated and patched accordingly. The same goes for devices in the home, ensuring good protection and security helps mitigate against potential risks or concerns the everyday internet user or subscriber to smart technologies may have.

Disclaimer: The views expressed here are those of the author expressed in their private capacity and do not necessarily represent the views of AZoM.com Limited T/A AZoNetwork the owner and operator of this website. This disclaimer forms part of the Terms and conditions of use of this website.

David J. Cross

Written by

David J. Cross

David is an academic researcher and interdisciplinary artist. David's current research explores how science and technology, particularly the internet and artificial intelligence, can be put into practice to influence a new shift towards utopianism and the reemergent theory of the commons.

Citations

Please use one of the following formats to cite this article in your essay, paper or report:

  • APA

    Cross, David. (2019, October 17). Web Hackers Now Targeting IOT Connected Gas Pumps. AZoRobotics. Retrieved on October 07, 2024 from https://www.azorobotics.com/News.aspx?newsID=10853.

  • MLA

    Cross, David. "Web Hackers Now Targeting IOT Connected Gas Pumps". AZoRobotics. 07 October 2024. <https://www.azorobotics.com/News.aspx?newsID=10853>.

  • Chicago

    Cross, David. "Web Hackers Now Targeting IOT Connected Gas Pumps". AZoRobotics. https://www.azorobotics.com/News.aspx?newsID=10853. (accessed October 07, 2024).

  • Harvard

    Cross, David. 2019. Web Hackers Now Targeting IOT Connected Gas Pumps. AZoRobotics, viewed 07 October 2024, https://www.azorobotics.com/News.aspx?newsID=10853.

Tell Us What You Think

Do you have a review, update or anything you would like to add to this news story?

Leave your feedback
Your comment type
Submit

While we only use edited and approved content for Azthena answers, it may on occasions provide incorrect responses. Please confirm any data provided with the related suppliers or authors. We do not provide medical advice, if you search for medical information you must always consult a medical professional before acting on any information provided.

Your questions, but not your email details will be shared with OpenAI and retained for 30 days in accordance with their privacy principles.

Please do not ask questions that use sensitive or confidential information.

Read the full Terms & Conditions.