Gas station security system storage vulnerabilities or become a new target for hacker attacks, gas station hacker attacks

Gas station security system storage vulnerabilities or become a new target for hacker attacks, gas station hacker attacks

The gas station security system has vulnerabilities or becomes a new target for hacker attacks. In addition to hospitals, automobiles, and TVs, the gas station may be added to the list of potential hacker attacks. Researchers at Kaspersky Lab recently discovered new software vulnerabilities, which may cause hackers to intrude into more than 1000 gas stations around the world.

On September 9, noror, senior security researcher at Kaspersky Lab, and Neman, an Israeli security researcher, proposed this system security issue at the Kaspersky security analyst summit in Cancun, Mexico. Their research shows that hackers can change the price of gasoline, steal credit card information and license plate numbers from the oil pump, steal gasoline, and adjust the monitor temperature.

According to reports, the new software vulnerability problem is caused by the oil pump at the gas station connected to the Internet, and the default password cannot be changed and controlled by the owner, which allows attackers to completely control the fuel machine.

Neman pointed out that once hackers have root permissions, they can do anything they want. Noor pointed out that attackers can remotely manipulate these gas stations anywhere, and it is not difficult because these gas stations have weak passwords to connect to the Internet.

It is reported that the gas station's online software comes from Orpak, a fuel management company, which was acquired by gilbuck-vitelot in last May. According to the Orpak website, the company's management software is installed in more than 35 thousand gas stations around the world. The online guide published by the company also shows the details of software technology, including instructions on passwords and access interfaces.

For this vulnerability, Orpak said it would not affect the customer. The company has released software patches and upgrades, notified customers who may have vulnerabilities, and has taken additional security measures to reduce or eliminate risks. For the sake of security, some instructions and online guides on the company's Internet have been deleted, but they can still be found through quick Google search.

These vulnerabilities highlight the problems behind Iot devices, which are widely criticized for lack of security. Noor pointed out that a simple unsecure Network Camera and video recorder can enable hackers to launch large-scale network attacks, while attacking a gas station Brings a higher level of danger.