Maroochy

The 2000 Maroochy Shire cyber event was an intentional and targeted attack made by a skilled individual on an industrial control system. This ex-employee worked for Hunter Watertech, an Australian firm which implemented SCADA (Supervisory Control and Data Acquisition) radio-controlled sewage equipment for the Maroochy Shire Council in Australia. He then applied for a job with the Council, evidently after he left the company due to a 'strained relationship' with Hunter Watertech, but was not hired conclusively. As an attempt to get even with the Council and his former employer, he disguised his commands to appear as if coming from one of the pumping stations through the use of a stolen radio equipment and possibly a misappropriated computer from Hunter Watertech. He was then capable of causing the pumps to malfunction causing 800,000 litres of raw sewage spillage into the local parks and rivers. and further conceal his attacks by disabling the alarms of four pumping stations. The loss of communication between the central computer and various pumping stations was only notified, at that time, to the water treatment company as a series of 'faults' and dispatched technicians to apply some countermeasures that are ineffective.

Fig. 6: Network topology of the Hunter Watertech

As with this scenario, the negligence in revoking all access to the systems and infrastructures from employees / vendors who left the organization is captured in our CISSA Case. Enhancing these organizational aspects can certainly have an impact on a system's security level.

Fig. 7: Workflow of the network system of the sewage pumping facility
Download Maroochy_CISSA.zip