[LINK] Maroochy Sewage Cyber-Terrorism [Was: GAO sees threats ...]
Roger.Clarke at xamax.com.au
Thu Apr 1 14:05:54 EST 2004
>GAO sees threats to industrial systems
>BY Dibya Sarkar
>Federal Computer Week
>Thursday, April 1, 2004
>... said Robert Dacey, GAO's director of information security
>issues. "Control systems have already been subject toa number of
>cyberattacks, including documented attacks on a sewage treatment
>system in Australia in 1999 ...
The national security community really does have to flog very hard
the rare instances of 'cyber-terrorism' that they can dredge up.
I just spent 15 minutes 'google-researching' this matter (something
which I suspect few of the people who quote the case have done).
Firstly, some uses of the story.
Secondly, the facts.
Thirdly, an interpretation of the facts.
An [esteemed] academic spruiker (Dorothy Denning):
"Brisbane hacker used radio transmissions to create raw sewage
overflows on Sunshine coast in 2000"
A commercial spruiker:
"Mr Spinney quoted an example: An Australian man was jailed two years
for wilfully causing serious environmental damage when he hacked into
a city's computer-controlled sewage system and releasing raw sewage
into local creeks and parks"
A radio pundit:
"There was a case in Australia awhile back where a sewage disposal
computer system was broken into. So they faced a sewage problem in
the town until they could get the system restarted."
A DoD spruiker:
"A major city's sewage system could also be a target, indeed a cyber
attack in the Sunshine coast in Queensland occurred in March and
April 2000 in which raw sewage was made to be pumped into the local
[It continues with the hilarious "The now disused Spotswood sewage
pumping station in Melbourne was known to be a strategic target in
wartime Australia". So in WWII, the Japanese mini-subs in Sydney
harbour were training, for their real target in Melbourne? Or in the
Korean War, the generals in the North had the time to find out where
Melbourne was? Or in the Vietnam era, the nasty little Vietcong were
going to use their tunnelling ability to bob up in suburban
Here's a more useful report:
Qld Enviromental Protection Newsletter:
"In the Maroochy District Court last October [2000? 2001?], Vitek
Boden was convicted and sentenced to prison for wilfully causing
serious environmental harm after releasing hundreds of thousands of
litres of raw sewage into a public area at Pacific Paradise north of
Maroochydore in early 2000.
"Boden was also jailed for a total of two years on numerous charges
of computer hacking and stealing. The sentences were to be served
I can't find a report on the original case in the Maroochy District Court.
The appeal to the Qld Supreme Court on 10 May 02 is here:
 The Crown case on the computer hacking offences was that between
9 February 2000 and 23 April 2000 the appellant accessed computers
controlling the Maroochy Shire Council's sewerage system, altering
electronic data in respect of particular sewerage pumping stations
and causing malfunctions in their operations
 [Boden], an engineer, had been employed by Hunter Watertech as
its site supervisor on the project [to install Maroochy Shire
Council's sewerage control system] for about two years. [He didn't
get a job with the Council, so he used his knowledge of the system to
crack into it]
 [what Boden did was to gain] access to the system and [alter]
data so that whatever function should have occurred at affected
pumping stations did not occur or occurred in a different way. The
central computer was unable to exercise proper control and, at great
inconvenience and expense, technicians had to be mobilised throughout
the system to correct faults at affected pumping stations. On the
occasion the subject of count 45, a pumping station overflowed
causing raw sewerage to escape.
 ... a strong circumstantial case ... [and no evidence was
presented in defence, and the defendant sacked his lawyer]
(1) it was in essence 'an inside job' (although performed after the
person had left the project);
(2) it was quite probably not specifically intended by the cracker
(although the cracker's action was the proximate cause of the
(3) the motivation was revenge, not terrorism].
Boden had some minor wins in the appeal, but the sentence remained intact.
Boden had a few minutes before McHugh and Kirby on 25 Jun 03:
[The above suggests that Boden is both intelligent and daft.
Doubtless that's enough to get you onto a terrorism watch-list these
Roger Clarke http://www.anu.edu.au/people/Roger.Clarke/
Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
Visiting Professor in the eCommerce Program, University of Hong Kong
Visiting Professor in the Baker Cyberspace Law & Policy Centre, U.N.S.W
Visiting Fellow in Computer Science, Australian National University
More information about the Link