-
Rename Tank Information: On consoles using Telnet, hackers find the MAC address, determine whether it is a TLS-350 or TLS-450PLUS and simply change the tank names to something inappropriate.
-
Resize Tanks (From 10K to 20K Gallons): It is possible to change the tank size, so it appears the tank can hold more than it really can. The thresholds could also be changed so that overflow alarms appear at a higher level. The potential would be to overfill the tank causing an environmental leak.
-
Shutdown Dispensing (PLLD and Relay Settings): The relays could be deprogrammed so that the pump wouldn’t be activated on a hook signal. Additionally, PLLD could be turned off so catastrophic leaks may not be detected.
-
Capture Sensitive Corporate Data: By monitoring insecure Telnet connections, observers can gather operations data (delivery, inventory, alarms, etc.) for sale to third parties.
-
Shutdown IP Cards / Networking Services: After gaining access to a vulnerable corporate network, hackers could alter TLS-350 Ethernet cards lacking passwords; changing configurations and rendering management systems ineffective. Critical operations could be impacted (hospitals, emergency providers, cell service, power plants, etc.).
-
Loss of Compliance Data: Reprogramming the console could result in the loss of compliance data translating to potential regulatory fines.
New methods of attacking equipment are discovered daily.
These are collected in a national database (CVE) and made available to the public to address the issues. Software suppliers, including Veeder-Root, use this information to create fixes. As fixes are made available, equipment should be upgraded to protect it from potential security vulnerabilities.
Veeder-Root uses two platforms daily to discover any new vulnerabilities in our TLS-450PLUS software.