Connect with us

TECHNOLOGY

Gas stations and beyond: Why cybersecurity is a top priority for industrial infrastructure

December 19, 2021 1:55 p.m.

By Chris Connell, Managing Director for Asia Pacific at Kaspersky

Industrial Control Systems (ICS) demand specific approaches to cybersecurity due to their complex structure, connected devices with different capabilities, software and operating systems, and critical functions. And this isn’t just a theory. 

Something as common as a gas station has all the attributes of an ICS, such as connected equipment including pumps and tanks, controllers, a management system, a payment system, as well as connection to the corporate network, third-party service systems, and the internet. Just like any industrial facility, it has cybersecurity issues that companies should consider, to avoid disruptions that may affect the business, its employees, and the general public. This happened recently when gas stations in Iran were shut down because of a targeted attack. 

This look through an ICS infrastructure is based on our research carried out at the end of 2020. It included the analysis of a modern gas station’s automation software architecture, a typical infrastructure, and the communications inside it. This allowed us to classify potential attack vectors and their impact on the fuel station’s network. 

At a gas station

Imagine you’re driving your car and you need to fill it. You stop at a gas station, put the dispenser in the tank, and go to the convenience store to pay for the fuel. Once inside, the fresh coffee smells nice, you take some snacks for the road, complete your purchase and return to your vehicle.

To deliver the fuel to your tank, several systems should work: the back-office system and point of sales are used for payments and management functions. They are connected to the forecourt controller (FCC). This is the area with pumps outside the convenience store where customers park their cars to fill up. It is equipped with many systems such as a pump control, an automatic tank gauge (ATG), payment systems, etc. The FCC is the main device that controls fuel distribution, so when you pay through a cashier, the FCC commands the pump to supply it to your car so you can continue your journey. 

Information about operations, the amount of fuel sold and available is transmitted to the management system locally and then to a head office that accumulates information from all stations. 

Where are the problems? 

Through our research, we managed to classify what could go wrong in this process. There are several potential operational technology (OT) and IT security issues that can affect the work of the station. 

The first group of risks involves potential remote access from external networks. Just like many industrial systems today, the gas station employs solutions that are connected to public services through the internet, these include cloud banking systems or specialised fleet management systems. Remote access to the fuel station allows further malicious actions inside the network. 

This was a real case described in one of Kaspersky’s studies. At the gas station, fuel management software was used to track the amount stored, set the price, and process payments. The system was connected to the internet and had vulnerabilities that allowed remote admin access with the ability to even change the fuel price. 

There are also suppliers and service companies that have access to some parts of the infrastructure. Compromising these third parties may open doors to the target system for attackers. In fact, this type of threat is of great concern for companies of any size profile: a third (32%) of large organizations suffered attacks involving data shared with suppliers. What’s more, the financial impact of such incidents on enterprises is the highest across all types of attacks in 2021. 

Another set of risks involves network and device issues that may potentially lead to the disruption of fuel station services or direct financial impact. Attacks can come from remote networks or by connecting to wireless networks or wired network ports available onsite. 

Then, if the network is not segmented, the attack can spread from entry points such as secondary equipment in a shop and office workstations to critical components such as fuel management controls. The usage of unencrypted protocols (HTTP, CDP, FTP, Telnet, etc.) in the gas station network may allow adversaries to disclose sensitive information for further attack development. 

Another critical but evergreen problem is vulnerabilities or security flaws in the fuel controller, POS terminals, and network equipment, as well as corporate endpoints and applications. In 2015, 5,800 automatic tank gauges (ATGs) were found to be exposed to unauthorized access from the internet because of a lack of password protection on a serial port. ATG is an electronic component placed in the tank that monitors the level of fuel and checks if it is leaking fluid. And through this serial port, the ATG can be programmed. If the signal it transfers is not correct, the operator won’t get an alert about any deviation. Figures from 2015 also suggested that at the time, most systems were in gas stations in the US and represented 3% of those used in the country. By compromising such critical systems as automatic tank gauges, criminals can unlock options for fraud or even physical damage. 

It is also important to verify all workstations used on the forecourt such as points of sale, back-office systems, fuel controllers or payment terminals, as well as their configuration and even access to USB ports. For example, a lack of encryption or incompliancy to the PCI DSS standard in a payment system can contribute to the risk of an attack. For a fuel controller, it is also important to check industrial protocols. Lack of source authentication or integrity control may give adversaries, performing a man-in-the-middle attack, the opportunity to intercept data and manipulate station controllers. 

Another point to manage is wireless gateways and reader units. A security assessment should be performed to identify insecure industrial protocols, the possibility of jamming and spoofing attacks. 

How to improve

There are major security measures that should help increase the overall level of operational technology infrastructure. It is applicable to fuel stations but is no less relevant to any industrial network. 

Network security: Purpose-based network segmentation enhances overall security and minimizes the surface of a possible attack. The segment of the network that has access to untrusted parts of it, such as corporate IT, should also be separated and protected with appropriate enterprise-grade protection software. 

Passive OT network monitoring is essential for asset and communication inventory and detection of intrusions before they affect the technological process. Monitoring data also helps IT security teams to analyze events and consider hardening measures. 

Access control: This should include restricting physical and logical access to the automation and control system. Security measures for remote access control for service companies will help to avoid third-party incidents. 

Endpoint protection: It is important to implement specialized industrial-grade security software for OT hosts and servers. Ensure that the software is approved by the automation vendor and compatible with its solutions. This should help to avoid a situation where the protection product affects operation functions. 

Security management: A system for centralized security event collection and protection software policy management should be implemented. It is also important that the solution allows vulnerability and patch management. If the system can be integrated with Security Information and Event Management (SIEM), that is a ‘nice to have’ option for organizations that plan to upgrade their protection level. Real-time continuous monitoring and endpoint data collection with rules-based response and analysis capabilities will help to further improve protection from advanced attacks. 

A more fundamental approach that involves long-term measures is also important to improve the overall cybersecurity posture. This means adhering to industry standards for information security controls such as IEC 62443, NIST, NERC CIP, and so on. The organization should also conduct penetration testing or security analysis regularly, to identify vulnerabilities and information security problems before they are exploited by someone. And then, of course, follow all recommended measures to fix them properly. 

Going deeper, there are specific requirements for companies with different levels of protection. But the measures listed above are essential to fill most cybersecurity gaps. Be it a fuel station, refinery, or giant car manufacturer, the basic principles of OT and IT protection should allow the company to build a reliable cybersecurity system and develop it according to their needs. This will provide a great foundation for satisfied business owners and happy clients. 

TECHNOLOGY

Shell empowers Filipino SMEs thru award-winning Fleet App

5:09 p.m. July 8, 2025

Shell Pilipinas Corporation is empowering small and medium enterprises (SMEs) across the country through the Shell Fleet App (SFA), a first-of-its-kind mobile solution that streamlines fleet and fuel management in a secure and paperless way.

Launched in 2022, the app allows business owners to manage their Shell Fleet Card, control fuel spend, track driver activity, and access real-time reports, all in one platform. By simplifying traditional processes and eliminating paperwork and manual tracking, SFA gives SMEs the ability to operate with greater ease, visibility, and efficiency.

A Digital Response to a Growing SME Sector

With SMEs comprising 99.5% of registered businesses in the Philippines, Shell saw a critical need for tools tailored to their daily challenges. The app condenses the typical fleet card application process into just five minutes and has already contributed to a tenfold increase in SME customer acquisitions. According to Deepti Behl, Global Head of SMEs GM of Digital Products & Marketing at Shell Fleet Solutions, the app helps owners reclaim their time and streamline operations. “We designed the app to empower SME owners to manage their fleets anytime, anywhere. It reduces admin work, offers peace of mind, and enables entrepreneurs to focus on growth.”

Transforming Daily Operations

From automotive to retail and construction, Shell Fleet App users from various sectors have reported positive results. Business owners describe smoother daily operations, real-time visibility of fuel spend, and faster driver and expense management, all while on the go. Their testimonials reinforce SFA as not just a convenience but a business enabler.

With its core benefits, the app is purpose-built for Filipino SMEs. Whether it’s tracking fuel usage in real time, enabling seamless automated payments, or offering savings for the purchase of Shell lubricants, the app provides everyday value while helping ease cash flow pressures for small business owners.

Recognized Across Asia for Innovation

The Shell Fleet App’s breakthrough approach has earned multiple regional and international recognitions. Most recently, it won its third award, the Stevie Award at the 2024 Asia-Pacific Stevie Awards, further cementing its status as a world-class solution for small and medium enterprises. The app was also previously named Digital Transformation Initiative of the Year for the Philippines at the 2024 Asian Oil & Gas Awards and received the User Experience of the Year for Energy at the 2022 Asian Experience Awards. These accolades highlight Shell’s commitment to digital innovation that directly improves the way businesses operate.

A Future-Focused Commitment

Shell Pilipinas remains focused on developing tech-driven tools that help Filipino entrepreneurs grow and thrive. With regular updates informed by user feedback, the Shell Fleet App continues to evolve, shaping the future of fuel and fleet management for SMEs nationwide.

The Shell Fleet App is available for download on both the Apple App Store and Google Play Store. SMEs can get started in minutes by downloading the app, signing up, and instantly unlocking access to Shell Fleet Card benefits. For more information, customers may visit the Shell Fleet Card for Small Business website or call the Shell Customer Service Hotline at +632 8878 8811.

Continue Reading

TECHNOLOGY

Canva breaks ground as first design connector for OpenAI’s ChatGPT

3:22 p.m. July 6, 2025

In a landmark leap for AI-powered creativity, Canva has become the first design platform to deeply embed its creative suite into the world’s most advanced AI tools, including ChatGPT.

Two major launches – the deep research connector with ChatGPT and the Canva Model Context Protocol (MCP) Server – turn Canva into a powerful AI platform that plugs seamlessly into AI assistants and agents to securely access your designs and generate new ones, all within the same conversation.

As businesses and creators increasingly adopt AI-first workflows, Canva is pioneering a new era of AI-native design. Whether analyzing a marketing campaign, drafting a business plan, or generating social content, you can now brainstorm, design, and publish without leaving your AI assistant, unlocking new levels of creativity and speed.

By bringing Canva’s creative power directly into AI assistants, Canva is redefining how its 240 million users, including 95% of Fortune 500 companies, design, collaborate, and communicate, streamlining the entire content journey from concept to completion.

“AI agents and assistants have become indispensable creative partners, yet current workflows require users to manually add context or references, creating complexity,” said Anwar Haneef, GM and Head of Ecosystem at Canva. “We’re embedding Canva directly into the AI tools people use every day so they can brainstorm, create, and publish content faster. This is a major step in our vision to make the complex simple and build an all-in-one AI workflow that’s secure and accessible to all.”

Your Canva designs, accessible in ChatGPT
Canva’s deep research connector with ChatGPT will now connect users’ designs directly to OpenAI’s most advanced model, enabling specific, thoughtful, and context-rich responses grounded in your past work. Without needing to switch between tabs or dig for information, users can simply prompt ChatGPT to analyze or refine content across Canva Docs, Presentations, and more. With instant access to your design history, this integration removes friction and makes cross-platform creation and collaboration effortless.

Privacy and security are built in from the ground up. Every interaction is protected by Canva Shield, the company’s comprehensive AI trust and safety framework.

Continue Reading

TECHNOLOGY

Acer maintains No. 1 personal computer market share in Philippines

12:11 p.m. July 5, 2025

Acer secured the top position in the Philippine personal computer market in Q1 2025, with a 35.7% total market share, a 34.2% share in consumer notebooks, and an impressive 40.6% share in gaming laptops, according to market research firm GfK.

Acer also delivered a strong performance in April, with its notebook segment reaching a 36% market share, further cementing its dominance. 

Acer’s success can be credited to a multi-faceted marketing approach, including strategic partnerships with brand ambassadors. This method has proven very effective in expanding Acer’s nationwide reach and strengthening its local branding efforts.

A prime example is Acer’s partnership with the “Kings of P-pop,” SB19. This collaboration has been key in maintaining Acer’s relevance to its customer base, especially among the younger demographic. The partnership between Acer and SB19 began before their official ambassadorship for Acer Day and endorsement with Acer and Acerpure in 2021.

“Our partnership with SB19 works because we share the same values and energy. Also, the group’s strong social media presence and its ability to create engaging content have allowed us to reach and connect with our customers,” said Sue Ong-Lim, Managing Director at Acer Philippines.

Recently, Acer co-presented SB19’s “Simula at Wakas” world tour stop in Taiwan, further strengthening the brand’s connection with SB19’s fans. SB19 also visited Acer’s Taipei headquarters as “one-day employees” to experience the brand’s innovations firsthand. 

Acer Chairman and CEO Jason Chen, along with Pan-Asia Pacific President Andrew Hou, personally met with the group and gifted each member a Predator Helios 18 gaming laptop.

During the group’s visit to Taiwan, SB19 visited Acer’s product experience center. They also tried the latest gaming laptops and the FreeSense Ring smart wearable developed by Acer Fashion. They participated in a design workshop to brainstorm ideas for laptop aesthetics and compact home appliances.  As the partnership marks its fifth year, Acer and SB19 look forward to more fruitful and productive years together.

For more information about Acer, follow Acer Philippines on its social media platforms: @AcerPH on Facebook, @acerph on Instagram, and @acerphils on Twitter, or go to www.acer.com. 

Continue Reading