Malicious Control System Cyber Security Attack Case Study-Maroochy Water Services, Australia

Abstract

The 2000 Maroochy Shire cyber event is the second in a series of control system cyber events analyzed to determine the effectiveness of NIST Special Publication (SP) 800-53 controls on industrial control systems. The event has been documented in Court proceedings, a Maroochy Water Services presentation, and other documentation available in the public domain. The event was an intentional, targeted attack by a knowledgeable person on an industrial control system. The case study examines the event from a cyber security perspective. It provides the timelines and cyber issues, examines the NIST SP800-53 controls that were violated or not met, and posits the potential mitigation that would have occurred if the NIST SP800-53 controls had been followed. The intent of this analysis is not to criticize any actions taken, but to look forward as to how lessons learned from this case can be of help to prevent future incidents.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jul 23, 2008
Accession Number
AD1107275

Entities

People

  • Joe Weiss
  • Marshall Abrams

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Business Administration
  • Communication Systems
  • Computer Access Control
  • Computer Programs
  • Computers
  • Contractors
  • Control Systems
  • Cybersecurity
  • Digital Media
  • Employment
  • Information Processing
  • Information Systems
  • Laptop Computers
  • Mobile Devices
  • Multiple Access
  • Personnel Management
  • Radio Equipment

Readers

  • Cybersecurity.
  • Military History of the United States in the 20th Century.

Technology Areas

  • Cyber