CS5032 Case study Maroochy water breach
Maroochy SCADA attack, 2013 Slide 1
CNI Case Study: Maroochy water breach
Maroochy SCADA attack, 2013 Slide 2
Maroochy
• Local government area about 100km north of Brisbane, Australia
• In 2000, the area sewage system had 47 unexpected faults causing extensive sewage spillage
• SCADA controlled system with 142 pumping stations over 1157 sq km
Maroochy SCADA attack, 2013 Slide 3
What happened
• Pumps not operating when they should have been
• Alarms not reporting problems to control centre
• Communication failures between control centre and pumping stations
More than 1m litres of untreated sewage released into waterways and local parks
Maroochy SCADA attack, 2013 Slide 4
SCADA setup
• Special-purpose control computer at each station to control valves and alarms
• Each system communicates with and is controlled by central control centre
• Communications between pumping stations and control centre by radio, rather than wired network
Automated operation
All electronics in single cabinet
Pumps etc. are underground
Maroochy SCADA attack, 2013 Slide 5
Insider attack
• Vitek Boden worked for Hunter Watertech (system suppliers) with responsibility for the Maroochy system installation. He left in 1999.
• He tried to get a job with local Council but was refused
• He then decided to get revenge on both his previous employer and the Council by launching attacks on the SCADA systems
• Insiders don’t have to work inside an organisation!
Maroochy SCADA attack, 2013 Slide 6
How it happened
• Boden stole a SCADA configuration program from his employers when he left and installed it on his own laptop
• He also stole a control computer that could be used to impersonate a genuine machine at a pumping station
• Insecure radio links were used to communicate with pumping stations and change their configurations
Image credit: http://www.pimaweb.org/conference/april2003/pdfs/MythsAndFactsBehindCyberSecurity.pdf
Maroochy SCADA attack, 2013 Slide 7
Incident timeline
• Initially, the incidents were thought to have been caused by bugs in a newly installed system
• However, analysis of communications suggested that the problems were being caused by deliberate interventions
• Problems were caused by a specific station id (14)
• The system was configured so that this id was not in use, so messages from it had to be malicious
• Boden put under surveillance, car stopped and stolen hardware and radio system discovered
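The check described on this slide (traffic from a station id that the configuration does not use) can be expressed as a comparison of logged source ids against the configured inventory. The following is an added example, not code from the original slides or from the Maroochy system; the log format, message types, timestamps and the inventory set are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed inventory: station ids the control centre has configured.
# Assumption for this example; id 14 is deliberately absent, as on the slide.
CONFIGURED_IDS = {3, 4, 9, 22, 29}

# Constructed log format (hypothetical, not the real system's):
# <ISO timestamp> src=<station id> type=<message type>
LINE_RE = re.compile(r"^(\S+) src=(\d+) type=(\w+)$")

SAMPLE_LOG = """\
2000-03-16T02:14:07 src=9 type=STATUS
2000-03-16T02:14:31 src=14 type=CONFIG_WRITE
2000-03-16T02:15:02 src=4 type=ALARM
garbled radio frame
2000-03-16T02:17:45 src=14 type=PUMP_STOP
2000-03-16T02:18:10 src=22 type=STATUS
2000-03-16T02:19:59 src=14 type=ALARM_DISABLE
"""

def find_unconfigured_sources(log_text, configured_ids):
    """Return ({id: summary}, unparsed_lines) for ids not in the inventory."""
    findings = defaultdict(
        lambda: {"count": 0, "first": None, "last": None, "types": set()})
    unparsed = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            unparsed.append(line)  # keep malformed frames for manual review
            continue
        ts, src, msg_type = m.group(1), int(m.group(2)), m.group(3)
        if src in configured_ids:
            continue
        f = findings[src]
        f["count"] += 1
        f["first"] = f["first"] or ts  # first sighting, lines are in time order
        f["last"] = ts
        f["types"].add(msg_type)
    return dict(findings), unparsed

if __name__ == "__main__":
    findings, unparsed = find_unconfigured_sources(SAMPLE_LOG, CONFIGURED_IDS)
    for src, f in sorted(findings.items()):
        print(f"ALERT unconfigured station id {src}: {f['count']} messages, "
              f"{f['first']} to {f['last']}, types={sorted(f['types'])}")
    print(f"{len(unparsed)} unparsed line(s) kept for review")
```

A check like this depends on the communications being logged in the first place, which the slides list as missing at Maroochy.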
Maroochy SCADA attack, 2013 Slide 8
Causes of the problems
• Installed SCADA system was completely insecure
– No security requirements in contract with customer
• Procedures at Hunter Watertech were inadequate to stop Boden stealing hardware and software
• Insecure radio links were used for communications
• Lack of monitoring and logging made detection more difficult
• No staff training to recognise cyber attacks
• No incident response plan in place at Maroochy Council
Maroochy SCADA attack, 2013 Slide 9
Aftermath
• On October 31, 2001 Vitek Boden was convicted of:
– 26 counts of willfully using a computer to cause damage
– 1 count of causing serious environmental harm
• Jailed for 2 years