[LINK] Vitek Bowden, Sunshine Coast, sewage treatment plant a ttack

Chirgwin, Richard Richard.Chirgwin at informa.com.au
Wed Jun 18 09:29:14 EST 2003


Roger,

Here's a news story from the time:
<http://www.news.com.au/common/story_page/0,4057,3161206%255E1702,00.html>
Some snips:
The Maroochydore District Court heard that 49-year-old Vitek Boden was a
"disgruntled" former employee of the company that installed a computerised
sewerage system for Maroochy Shire Council.
...
The court was told on April 23 last year, police pulled Boden over in his
car less than one hour after one of the sabotage attempts on the system.
They found a variety of electronic equipment, including a two-way radio and
a computer with programs for hacking into the council's sewerage pumping
stations.
...

I'm sure that court records would also exist...

So it was a hack, but the Internet had nothing to do with it. In Australia
at least, the Internet has nothing to do with critical infrastructure. It
would take a brain-donor to connect such systems to the 'net. At the moment,
closed networks are the rule. Most sites like these interconnect with
private fibre. Some use Telstra fibre, older systems run on DDS.

Some of the systems involved use TCP/IP in these networks, with no Internet
connectivity. However, according to a service provider contact I quizzed
about this, utilities are very reluctant even to go so far as a private IP
network for critical infrastructure. Believe it or not, there is still X.25
out there in the "critical infrastructure" world.

<rant>
"Critical infrastructure at risk" is too good a story. It's damn-near
impossible to debunk when such a personage as the Astronomer Royal, Sir
Martin Rees, can write that:
"a malfunction in cyberspace can cause havoc worldwide to a significant
segment of the economy: air transport, power generation, or the financial
system."

I'm not the Astronomer Royal; hence I lack the status to say 'bulldust'. But
I sure can think it. Regrettably, even Counterpane's Bruce Steiner is
probably insufficient to debunk the scare story de jour... this is Y2k.

I will put another agenda on the table. When the drug companies want to sell
a new drug, they start by publicising the disease. I think "critical
infrastructure" scare stories are at least partly driven by a similar
agenda.

Richard C

> -----Original Message-----
> From: Roger Clarke [mailto:Roger.Clarke at xamax.com.au]
> Sent: Wednesday, 18 June 2003 05:58
> To: link at anu.edu.au
> Subject: [LINK] Vitek Bowden, Sunshine Coast, sewage treatment plant
> attack
> 
> 
> 
> Another great Bruce article, attacking the myth of cyberterrorism.
> 
> But can anyone point to good sources on the Vitek Bowden, Sunshine 
> Coast, sewage treatment plant attack of 2000 ??
> 
> 
> >Date: Sun, 15 Jun 2003 05:15:48 -0500
> >To: crypto-gram at chaparraltree.com
> >From: Bruce Schneier <schneier at counterpane.com>
> >Subject: CRYPTO-GRAM, June 15, 2003
> >http://www.counterpane.com/crypto-gram.html
> ...
> >** *** ***** ******* *********** *************
> >           The Risks of Cyberterrorism
> ...
> >The closest example we have of [infrastructure attack] comes 
> from Australia
> >in 2000.  Vitek Boden broke into the computer network of a sewage
> >treatment plant along Australia's Sunshine Coast.  Over the course of
> >two months, he leaked hundreds of thousands of gallons of 
> putrid sludge
> >into nearby rivers and parks.  Among the results were black creek
> >water, dead marine life, and a stench so unbearable that residents
> >complained.  This is the only known case of someone hacking a digital
> >control system with the intent of causing environmental harm.
> 
> -- 
> Roger Clarke              http://www.anu.edu.au/people/Roger.Clarke/
> 
> Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
>                  Tel: +61 2 6288 1472, and 6288 6916
> mailto:Roger.Clarke at xamax.com.au            http://www.xamax.com.au/
> 
> Visiting Professor in the eCommerce Program, University of Hong Kong
> Visiting Professor in the Baker Cyberspace Law & Policy 
> Centre, U.N.S.W
> Visiting Fellow in Computer Science, Australian National University
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
> 


More information about the Link mailing list