Maroochy Water Breach

Maroochy Water Breach was an incident in 2000 where an adversary leveraged the local government’s wastewater control system and stolen engineering equipment to disrupt and eventually release 800,000 liters of raw sewage into the local community.[1]

ID: C0020
First Seen:  February 2000 [1]
Last Seen:  April 2000 [1]
Version: 1.0
Created: 10 March 2023
Last Modified: 05 April 2023

Techniques Used

Domain ID Name Use
ICS T0878 Alarm Suppression

In the Maroochy Water Breach, the adversary suppressed alarm reporting to the central computer.[1]

ICS T0879 Damage to Property

In the Maroochy Water Breach, the adversary gained remote computer access to the control system and altered data so that whatever function should have occurred at affected pumping stations did not occur or occurred in a different way. This ultimately led to 800,000 liters of raw sewage being spilled out into the community. The raw sewage affected local parks, rivers, and even a local hotel. This resulted in harm to marine life and produced a sickening stench from the community's affected rivers.[1]

ICS T0813 Denial of Control

In the Maroochy Water Breach, the adversary temporarily shut an investigator out of the network preventing them from issuing any controls.[1]

ICS T0815 Denial of View

In the Maroochy Water Breach, the adversary temporarily shut an investigator out of the network, preventing them from viewing the state of the system.[1]

ICS T0822 External Remote Services

In the Maroochy Water Breach, the adversary gained remote computer access to the system over radio.[1]

ICS T0838 Modify Alarm Settings

In the Maroochy Water Breach, the adversary disabled alarms at four pumping stations, preventing notifications to the central computer.[1]

ICS T0836 Modify Parameter

In the Maroochy Water Breach, the adversary gained remote computer access to the control system and altered data so that whatever function should have occurred at affected pumping stations did not occur or occurred in a different way. The software program installed in the laptop was one developed for changing configurations in the PDS computers. This ultimately led to 800,000 liters of raw sewage being spilled out into the community.[1]

ICS T0848 Rogue Master

In the Maroochy Water Breach, the adversary falsified network addresses in order to send false data and instructions to pumping stations.[1]

ICS T0856 Spoof Reporting Message

In the Maroochy Water Breach, the adversary used a dedicated analog two-way radio system to send false data and instructions to pumping stations and the central computer.[1]

ICS T0864 Transient Cyber Asset

In the Maroochy Water Breach, the adversary utilized a computer, possibly stolen, with proprietary engineering software to communicate with a wastewater system.[1]

ICS T0855 Unauthorized Command Message

In the Maroochy Water Breach, the adversary used a dedicated analog two-way radio system to send false data and instructions to pumping stations and the central computer.[1]

ICS T0860 Wireless Compromise

In the Maroochy Water Breach, the adversary used a two-way radio to communicate with and set the frequencies of Maroochy Shire's repeater stations.[1]

References