TECHNOLOGY
Gas stations and beyond: Why cybersecurity is a top priority for industrial infrastructure
December 19, 2021 1:55 p.m.
By Chris Connell, Managing Director for Asia Pacific at Kaspersky
Industrial Control Systems (ICS) demand specific approaches to cybersecurity due to their complex structure, connected devices with different capabilities, software and operating systems, and critical functions. And this isn’t just a theory.
Something as common as a gas station has all the attributes of an ICS, such as connected equipment including pumps and tanks, controllers, a management system, a payment system, as well as connection to the corporate network, third-party service systems, and the internet. Just like any industrial facility, it has cybersecurity issues that companies should consider, to avoid disruptions that may affect the business, its employees, and the general public. This happened recently when gas stations in Iran were shut down because of a targeted attack.
This look through an ICS infrastructure is based on our research carried out at the end of 2020. It included the analysis of a modern gas station’s automation software architecture, a typical infrastructure, and the communications inside it. This allowed us to classify potential attack vectors and their impact on the fuel station’s network.
At a gas station
Imagine you’re driving your car and you need to fill it. You stop at a gas station, put the dispenser in the tank, and go to the convenience store to pay for the fuel. Once inside, the fresh coffee smells nice, you take some snacks for the road, complete your purchase and return to your vehicle.
To deliver the fuel to your tank, several systems should work: the back-office system and point of sales are used for payments and management functions. They are connected to the forecourt controller (FCC). This is the area with pumps outside the convenience store where customers park their cars to fill up. It is equipped with many systems such as a pump control, an automatic tank gauge (ATG), payment systems, etc. The FCC is the main device that controls fuel distribution, so when you pay through a cashier, the FCC commands the pump to supply it to your car so you can continue your journey.
Information about operations, the amount of fuel sold and available is transmitted to the management system locally and then to a head office that accumulates information from all stations.
Where are the problems?
Through our research, we managed to classify what could go wrong in this process. There are several potential operational technology (OT) and IT security issues that can affect the work of the station.
The first group of risks involves potential remote access from external networks. Just like many industrial systems today, the gas station employs solutions that are connected to public services through the internet, these include cloud banking systems or specialised fleet management systems. Remote access to the fuel station allows further malicious actions inside the network.
This was a real case described in one of Kaspersky’s studies. At the gas station, fuel management software was used to track the amount stored, set the price, and process payments. The system was connected to the internet and had vulnerabilities that allowed remote admin access with the ability to even change the fuel price.
There are also suppliers and service companies that have access to some parts of the infrastructure. Compromising these third parties may open doors to the target system for attackers. In fact, this type of threat is of great concern for companies of any size profile: a third (32%) of large organizations suffered attacks involving data shared with suppliers. What’s more, the financial impact of such incidents on enterprises is the highest across all types of attacks in 2021.
Another set of risks involves network and device issues that may potentially lead to the disruption of fuel station services or direct financial impact. Attacks can come from remote networks or by connecting to wireless networks or wired network ports available onsite.
Then, if the network is not segmented, the attack can spread from entry points such as secondary equipment in a shop and office workstations to critical components such as fuel management controls. The usage of unencrypted protocols (HTTP, CDP, FTP, Telnet, etc.) in the gas station network may allow adversaries to disclose sensitive information for further attack development.
Another critical but evergreen problem is vulnerabilities or security flaws in the fuel controller, POS terminals, and network equipment, as well as corporate endpoints and applications. In 2015, 5,800 automatic tank gauges (ATGs) were found to be exposed to unauthorized access from the internet because of a lack of password protection on a serial port. ATG is an electronic component placed in the tank that monitors the level of fuel and checks if it is leaking fluid. And through this serial port, the ATG can be programmed. If the signal it transfers is not correct, the operator won’t get an alert about any deviation. Figures from 2015 also suggested that at the time, most systems were in gas stations in the US and represented 3% of those used in the country. By compromising such critical systems as automatic tank gauges, criminals can unlock options for fraud or even physical damage.
It is also important to verify all workstations used on the forecourt such as points of sale, back-office systems, fuel controllers or payment terminals, as well as their configuration and even access to USB ports. For example, a lack of encryption or incompliancy to the PCI DSS standard in a payment system can contribute to the risk of an attack. For a fuel controller, it is also important to check industrial protocols. Lack of source authentication or integrity control may give adversaries, performing a man-in-the-middle attack, the opportunity to intercept data and manipulate station controllers.
Another point to manage is wireless gateways and reader units. A security assessment should be performed to identify insecure industrial protocols, the possibility of jamming and spoofing attacks.
How to improve
There are major security measures that should help increase the overall level of operational technology infrastructure. It is applicable to fuel stations but is no less relevant to any industrial network.
Network security: Purpose-based network segmentation enhances overall security and minimizes the surface of a possible attack. The segment of the network that has access to untrusted parts of it, such as corporate IT, should also be separated and protected with appropriate enterprise-grade protection software.
Passive OT network monitoring is essential for asset and communication inventory and detection of intrusions before they affect the technological process. Monitoring data also helps IT security teams to analyze events and consider hardening measures.
Access control: This should include restricting physical and logical access to the automation and control system. Security measures for remote access control for service companies will help to avoid third-party incidents.
Endpoint protection: It is important to implement specialized industrial-grade security software for OT hosts and servers. Ensure that the software is approved by the automation vendor and compatible with its solutions. This should help to avoid a situation where the protection product affects operation functions.
Security management: A system for centralized security event collection and protection software policy management should be implemented. It is also important that the solution allows vulnerability and patch management. If the system can be integrated with Security Information and Event Management (SIEM), that is a ‘nice to have’ option for organizations that plan to upgrade their protection level. Real-time continuous monitoring and endpoint data collection with rules-based response and analysis capabilities will help to further improve protection from advanced attacks.
A more fundamental approach that involves long-term measures is also important to improve the overall cybersecurity posture. This means adhering to industry standards for information security controls such as IEC 62443, NIST, NERC CIP, and so on. The organization should also conduct penetration testing or security analysis regularly, to identify vulnerabilities and information security problems before they are exploited by someone. And then, of course, follow all recommended measures to fix them properly.
Going deeper, there are specific requirements for companies with different levels of protection. But the measures listed above are essential to fill most cybersecurity gaps. Be it a fuel station, refinery, or giant car manufacturer, the basic principles of OT and IT protection should allow the company to build a reliable cybersecurity system and develop it according to their needs. This will provide a great foundation for satisfied business owners and happy clients.
TECHNOLOGY
inDrive is 4th most downloaded travel app in PH
2:11 p.m. February 12, 2026
WITH over four million installations in 2025 alone, inDrive ranked fourth among the most downloaded travel apps in the Philippines, according to market intelligence firm Sensor Tower.
This ranking underscores Filipino users’ growing demand for inDrive to expand beyond ride-hailing as it evolves into a mobility super app.
inDrive also remained the world’s second most downloaded ride-hailing app for the fourth straight year. It also climbed from fifth to fourth place among the top travel apps globally and topped this category in Pakistan, Peru, Egypt, Morocco, the Dominican Republic, Ecuador, Guatemala, Panama, and Zimbabwe.
Reflecting on this milestone, inDrive Founder and CEO Arsen Tomsky said, “This recognition reflects the trust people place in our platform and the continued dedication of our global team. As inDrive evolves into a super app, we remain focused on our core principles of fairness, transparency, and user choice while expanding access to services that make a meaningful difference in people’s daily lives.”
Full Speed Ahead as inDrive Evolves into a SuperApp
With inDrive growing its user base year-on-year, the app has begun expanding its services beyond ride-hailing in other key markets. Among these new offerings is inDrive.Ads, an in-app advertising platform. By generating new income streams, inDrive can keep its take rate among the lowest in the industry while supporting long-term sustainability for riders, drivers, and local communities.
Now live in 20 countries, including the Philippines, inDrive.Ads plans to expand to all global markets within this year. On inDrive.Ads, ads appear across various screens in the funnel and include multiple-dimension banners featuring graphics and animation, with transparent measurement tools built in.
Tomsky said in a statement, “Diversifying our business with a high-margin stream like Ads is an important step for inDrive. This new line gives us more flexibility to fund affordability at scale.”
Sofia Guinto, inDrive Philippines Country Representative, echoed similar sentiments, saying, “inDrive.Ads is our way of championing fairness and accessibility on all facets of our SuperApp. Through this, we can maintain fares that are both affordable for passengers and lucrative for our drivers and create equal opportunities for more people and brands.”
Beyond its global launch of inDrive.Ads, inDrive has also expanded into intercity transportation, courier and grocery delivery, and financial services in other global markets. These new services utilize artificial intelligence and predictive analytics to fix mapping gaps, improve ETA accuracy, anticipate user needs, and personalize solutions. Through these AI-powered offerings, inDrive continues to drive innovation while still giving users the freedom of choice in every ride.
Throughout the rest of 2026, inDrive will continue to update its features and grow its user base, becoming a true mobility superapp. Amid this shift, it ensures that all rollouts will be built around fairness, opportunity, and people’s real needs. For more updates on inDrive’s new offerings available in the Philippines, visit www.inDrive.com or follow @inDrive.ph on social media.
TECHNOLOGY
Google AI Tools open new frontiers for wildlife conservation in PH, Southeast Asia
2:22 p.m. February 5, 2026
The endangered hog deer was once plentiful throughout South and in Southeast Asia, including India, Pakistan, Burma and Thailand. The species now faces serious decline and a loss in genetic diversity.
As the Philippines continues to battle biodiversity loss, Google has announced a major step forward in using AI to preserve endangered species. Through a partnership with the Vertebrate Genomes Project (VGP), Google is providing advanced AI tools and funding to sequence the genetic codes of threatened animals, a move that holds significant promise for conservation efforts in biodiversity hotspots like the Philippines.
Scientists predict that up to one million species globally face extinction. To combat this, Google is deploying AI technologies—including DeepPolisher, DeepVariant, and DeepConsensus—to make genomic sequencing faster, more accurate, and more affordable.
This process allows researchers to create a “biological instruction manual” for species, vital for designing effective conservation strategies.
Regional Impact for Southeast Asia. The initiative has already successfully sequenced 13 endangered species, several of which are native to the broader Southeast Asian region, highlighting the technology’s relevance to local ecosystems:
● The Elongated Tortoise: A critically endangered reptile native to Southeast Asia, currently the focus of captive breeding and reintroduction efforts.
● The Hog Deer: Once plentiful across South and Southeast Asia, this species now faces serious decline and loss of genetic diversity.
● Eld’s Deer: An endangered deer species indigenous to the region that requires breeding and conservation plan to survive.
Expanding the Safety Net. In addition to the initial species, Google.org has awarded the AI for Science fund to The Rockefeller University to expand this work to 150 additional species. This expansion opens the door for more unique wildlife—potentially including species found in the Philippines—to benefit from genomic preservation.
TECHNOLOGY
Infinix unveils XPAD Edge, its first 13.2-inch PC-level tablet redefining workplace productivity
12:01 p.m. February 2, 2026
Infinix today announced the launch of its first 13.2-inch ultra-slim productivity tablet, Infinix XPAD Edge. Featuring a 13.2-inch FHD+ (Full High Definition Plus) display, a sleek 6.19 mm metallic body, and a lightweight 588g design, XPAD Edge delivers the ideal balance of mobility and performance.With all-scenario 4G connectivity, the tablet redefines mobile productivity for modern creators, professionals, and learners.
Its detachable keyboard with touchpad transforms it into a true PC-level device, delivering a seamless workplace productivity experience, while combining cutting-edge technology and accessibility to give users greater freedom and efficiency everywhere.
Large Display, Ultra-Slim Design, and Productivity on the Go
Designed for today’s dynamic hybrid workforce, XPAD Edge enables users to work and learn efficiently anywhere. Measuring only 6.19mm thin and weighing 588g, it slips easily into a backpack or briefcase. Its 8000 mAh battery and all-scenario 4G connectivity provide lasting power and reliable access whether in a café, during travel, or at a remote worksite.
Furthermore, the expansive 13.2-inch 3:2 aspect-ratio display mirrors the proportions of a traditional PC screen, offering a broad workspace for documents, presentations, and spreadsheets.
With rich color reproduction and optimized contrast, every detail appears vivid and clear. Certified by TÜV Rheinland for low blue light and flicker-free performance, the XPAD Edge display filters up to 70% of harmful short-wave blue light and addresses the often-overlooked issue of screen flicker—helping to reduce eye fatigue during long working hours.
Inspired by the colors and light of the cosmos, the XPAD Edge is presented in the “Celestial Ink” colorway, refined metallic finish combines deep hues with a matte texture, blending technology with elegance in a minimalist design that suits both professional and personal settings.
PC-Level Experience for Smarter Workflows
Building on its ultra-slim design, XPAD Edge transforms mobile work into a truly PC-level experience. Designed as a versatile productivity hub, it brings together portability and power for efficient hybrid work and learning. Pre-installed WPS Office and an optimized task interface allow users to edit documents, manage files, and collaborate with ease. Whether preparing presentations, reviewing reports, or managing creative projects, XPAD Edge delivers a fast, intuitive, and professional workflow in every environment.
XPAD Edge supports split-screen, Parallel Windows, and multi-task drag-and-drop operations, maximizing the 13.2-inch large display for parallel applications. Within a single interface, users can browse data, take notes, and edit webpages effortlessly.
For external productivity, XPAD Edge supports Wireless Second Screen for PC*, enabling content mirroring or extension for meetings, design work, or entertainment. Users can also connect keyboards, mice, and other peripherals for a smooth, desktop-like experience that enhances both comfort and control.
In addition, XPAD Edge pairs seamlessly with the X Keyboard 20 to provide a flexible and natural writing experience. The magnetic keyboard and stylus combine precision with comfort, allowing users to take notes, sketch, or edit content with accuracy. Whether working in a café, classroom, or creative studio, XPAD Edge enables users to enjoy the freedom and efficiency of a complete mobile office anywhere.
BFAR cites success of annual fishing ban in increasing galunggong stocks
Converge hosts Project PIGLET in Baclayan, donates learning tablets for Mangyan children
Maxim launches motorcycle taxi services in Iligan
