United States
Australia
United Kingdom
Europe
New Zealand
Canada
Fort Meade, Md., June 3, 2026 — The National Security Agency joined the Cybersecurity and Infrastructure Security Agency and several other federal partners to issue a joint fact sheet warning that cyber threat actors are targeting automatic tank gauge systems used across U.S. critical infrastructure.
The advisory, titled “CISA and Partners Urge Hardening Automatic Tank Gauge Systems,” highlights recent activity in which unattributed actors compromised internet-exposed ATG devices and modified them through command execution. ATG systems are widely used to remotely monitor fuel and other liquid levels, temperature, and potential leaks in storage tanks across sectors including energy, chemical, food and agriculture, and transportation.
According to the agencies, the document outlines probable tactics, techniques, and procedures used in these intrusions, identifies risk factors associated with compromises, and provides recommendations and resources to reduce the likelihood of continued malicious activity against U.S.-based ATG systems.
NSA urged operators of operational technology across National Security Systems, the Defense Industrial Base, U.S. government networks, and other critical infrastructure to review and implement the mitigations in the fact sheet to prevent adversary access and compromise of ATG equipment.
The guidance was released jointly with the Federal Bureau of Investigation, the Department of Energy, the Environmental Protection Agency, TSA, the Department of Transportation, and the Department of Agriculture.
The fact sheet is available from the agencies and includes steps organizations can take to harden exposed systems and strengthen monitoring to detect and deter malicious activity.
