Vulnerability Assessments | SCADA Security

In April 2000 an ex employee of Hunter Watertech, a supplier of Maroochy Water Services' remote control and telemetry equipment, was arrested for illegally accessing the Council's sewerage management system. During March and April 2000 this person made 46 successful intrusions into the sewerage management system. It is alleged that he was vying for a contract position with Maroochy Water Services to correct faults in the system, faults that were later attributed to his own illegal activities.

After resigning from his position at Hunter Watertech, and later being refused a new position with Maroochy Water Services, he began a sabotage campaign against the sewerage management system. To gain access to the system he used:

Each time he gained access to the system, the laptop assumed the functions of a pumping station and was able to access nodes governing the control of the sewerage system operations. While in control of the system he caused numerous pump station shutdowns resulting in millions of litres of raw sewage spilling into local parks and rivers including the grounds of a 5 star resort. He was later found guilty on 30 charges including computer hacking, theft and causing significant environmental damage and was fined and sentenced to two years jail in 2001.

The unauthorised intrusions resulted in direct costs of $13,000 in clean up costs for the sewage spilt and $176,000 in extra monitoring and security of the system. It also resulted in an extensive and costly in-house investigation, extensive media activity, and a loss of Maroochy Water Service’s reputation over a five month period.

SQL Slammer Worm

On the 25th of January 2003 an Internet based worm was released onto the world. The spread of this worm across the Internet was prolific. Compromised systems generated considerable network traffic, effectively denying service to all other network users. It became known as the SQL Slammer worm or Slammer for short.

Slammer exploited a vulnerability in a Microsoft database product and SCADA systems that utilised this product were potentially vulnerable to the worm. At the Davis-Besse nuclear power plant in Ohio USA, worm activity on the Process Control Network blocked SCADA traffic causing the operators to lose some degree of control of the system. As a consequence, the plant's Safety Parameter Display System and Plant Process Computer were downed for four hours, fifty minutes and six hours, nine minutes respectively.