2026-06-07 · cisa
CISA and federal partners issued guidance after observing malicious cyber activity against U.S.-based automatic tank gauge systems used across energy, chemical, food and agriculture, and transportation sectors. The agencies said attackers are compromising exposed systems and modifying them through command execution. The warning matters for cold storage because it shows how internet-facing operational technology can be changed at the source. When live readings, settings, and logs are corrupted, operators need trusted offline records to verify what actually happened and recover safely.
The joint guidance says attackers are targeting automatic tank gauge systems that monitor fuel and liquid levels, temperature, and leak conditions. CISA urges owners to remove these systems from public internet exposure, enforce strong passwords and MFA, patch software, and monitor for unauthorized access.
If tank readings, alarms, or configuration records are altered, operators can lose confidence in both safety data and incident timelines. That can create operational disruption, environmental risk, compliance exposure, and expensive manual verification work.
Offline, write-protected snapshots of configurations, calibration records, incident logs, and recovery procedures give operators a clean baseline when connected systems are compromised. Cold storage does not stop the intrusion, but it preserves trustworthy data for restoration, audit, and forensic comparison.
Read Original Post →