US Officials Suspect Iranian Hackers Behind Cyber Breaches Targeting Fuel Storage Systems

US officials are investigating a wave of cyber breaches affecting fuel storage monitoring systems serving gas stations in multiple states, with Iran emerging as a leading suspect behind the ttacks.

According to sources briefed on the investigation, hackers exploited Automatic Tank Gauge (ATG) systems that were connected to the internet without password protection. The intruders reportedly manipulated display readings on fuel tanks, though they were unable to alter the actual fuel levels.

While the attacks have not caused physical damage, cybersecurity experts and US officials warn the intrusions pose significant safety risks. Access to ATG systems could theoretically allow hackers to conceal gas leaks or interfere with fuel monitoring operations.

Officials say Iran’s history of targeting vulnerable oil, gas, and water infrastructure makes Tehran a primary suspect, though investigators caution that limited forensic evidence may prevent a definitive attribution.

The incidents come amid heightened tensions surrounding the ongoing US-Israel conflict with Iran, raising fears that Tehran could increasingly turn to cyber warfare against critical US infrastructure.

Cybersecurity experts note that Iranian hacking groups have long searched for poorly secured industrial systems connected to the internet. Following the October 7, 2023 Hamas attack on Israel, US officials accused Iran-linked hackers affiliated with the Islamic Revolutionary Guard Corps (IRGC) of attacking American water utilities and displaying anti-Israel messages.

Security researchers have warned about vulnerabilities in internet-facing ATG systems for more than a decade. In 2015, cybersecurity company Trend Micro conducted an experiment by placing mock ATG systems online, quickly attracting attention from pro-Iran hacker groups.

A 2021 report citing internal IRGC documents also identified gas station systems as potential cyberattack targets.

Experts now say Iran’s cyber operations are becoming increasingly aggressive and sophisticated. Since the war began earlier this year, Tehran-linked hackers have reportedly disrupted oil and gas facilities, targeted water infrastructure, interfered with operations at medical device manufacturer Stryker, and leaked private emails belonging to FBI Director Kash Patel.

Iranian hacker groups are also accused of running coordinated psychological and propaganda campaigns through Telegram channels and fake “hacktivist” personas. One such group, Handala, publicly mocked US officials while exaggerating claims about breaching FBI systems.

Cybersecurity analysts warn that Iran’s growing cyber activity could also pose risks to future US elections. Former officials point to Iran’s previous attempts to influence the 2020 and 2024 elections through hacking, intimidation campaigns, and disinformation operations.

Experts say the biggest concern now is not necessarily direct attacks on election systems, but large-scale information warfare powered by artificial intelligence, social media manipulation, and cyber-enabled propaganda campaigns.