The Sewage Incident - When Operational Technology Isn't Secure

Jack Rhysider · Advanced ·📄 Research Papers Explained ·3y ago

Key Takeaways

The video discusses a real-life incident of a sewage system hack in Australia, where a former employee used his knowledge of the industrial control system to sabotage the system, and explores the concepts of Operational Technology (OT) security and the importance of securing critical infrastructure. The incident highlights the potential consequences of insider threats and the need for robust security measures to prevent such attacks.

Full Transcript

[Music] "Hell hath no fury" doesn't just apply to people scorned in love. In early 2000, the sewage system in Australia's Maroochy Shire suddenly had a big problem. Almost overnight, there were hundreds of thousands of gallons of sewage spilling everywhere, into fields, parks, rivers, and the sewage plant engineers were scrambling to figure it out. This is Darknet Diaries. [Music]

Australian shires are like American counties, and Maroochy Shire has about 130,000 residents, and it's in Australia's state of Queensland, about 60 miles north of Brisbane. The shire's wastewater system, like many similar systems around the world, uses SCADA. SCADA controls things like valves and gates at sewage plants. SCADA systems often need to be extra secure, so a lot of them aren't internet connected, and these sewage pumps weren't internet connected. In order to control them, you had to be at the sewage plant or at one of the pumping stations. There was just no way to access them outside of that. And there were over 140 pumping stations across this area.

From January to April of 2000, the wastewater systems experienced quite a few mysterious outages. Like, false alarms would sometimes happen, or pumping configs would get out of whack, and sometimes remote pumps would just go dark and a crew would have to go on site to restore connectivity. The wastewater treatment systems were maintained by a company called Hunter Watertech, and one of its engineers was tasked with figuring out why these mysterious problems were happening. But if you've troubleshot anything ever, you know how annoying and hard it can be to fix a problem that only sporadically happens. If you can't replicate the problem, it's really hard to find a solution for it. So he was having trouble figuring out why problems kept happening. He would fix a problem, but then a new problem would arise like a week or two later, and then he'd fix that, but then the original problem would come back. He eventually decided to just reinstall the whole SCADA system, but the pumping problems came back anyway.

Now, SCADA systems are OT systems, not IT. OT is operational technology, and it requires a totally different skill set than someone who's good at IT. OT is stuff that controls pumps and valves and industrial equipment. The engineers were trying to figure out what was going on, so they installed some logging software on these systems, and by March of 2000, three months into troubleshooting this, they realized all these problems were caused by a human. Someone was going into these systems and causing them to malfunction. Someone was sabotaging the sewage plant, and specifically, whoever was doing this was focused on creating problems for pumping station number 14.

This shouldn't be possible. The engineers at Hunter Watertech weren't the ones doing this. This wasn't the work of some incompetent engineer or something. Someone was accessing this pumping station from outside the company. And like I said earlier, this pumping station was air gapped. The only way to get in there was to be present at the station and have physical access to the controllers. It was not possible to connect to any of these stations through the internet. The engineers checked out pumping station number 14 but were baffled when they found it was working properly. No indicators of faultiness anywhere. Well, usually, at least. On the rare occasion, like maybe once a week or every other week, a fault would occur and they'd scramble to fix it right away.

And while these faults were being tracked down and fixed, the pumping station in a suburb in Queensland failed, sending 264,000 gallons of raw sewage to just spill out everywhere, at first into a field, but then the sewage flowed into some residential areas, and that flowed into a park, which then flowed into a river. Cleanup crews were quickly dispatched to try to divert and contain the sewage and keep people back. After this spill, Hunter Watertech had enough of this sabotage and contacted the police. They turned over logs and information that they gathered in their investigation, and the police looked through this information, and their number one suspect was 48-year-old Vitek Boden.

Vitek was a former employee of Hunter Watertech, a company that operated the sewage plants, but Vitek recently resigned from the company. When the police caught up with Vitek, they found him near a pumping station with equipment in his car: radios, antennas, programmable logic controllers, and a laptop. Vitek said he was just doing some research and was not there to sabotage the place. Police had enough evidence to arrest him.

Vitek worked as the site supervisor for Hunter Watertech on this very sewage plant. He's the one who installed the pump controls for some of the pump stations. But Vitek didn't have good relations with his bosses. They didn't agree with some of the things he was doing. Like, the way he would install firmware on some of these pumps was not the way he was told to do it, and so his bosses came down on him for that, and this caused some tensions. In December of 1999, Vitek had an argument with his superiors and quit his job at the sewage plant. Apparently he was pretty unhappy about what happened there and wanted to exact revenge on Hunter Watertech and his bosses there.

Vitek had been using his knowledge of the industrial control system to overload it by using his own laptop and a radio and a programmable logic controller, a PLC, that he took from Hunter Watertech. Since he was the one who set up some of these pumping stations and he knew how they were configured, he knew that they were controllable by wireless radios, and he remembered what frequency those radios were set to. So if he had the right equipment and drove close enough to pumping station 14 and aimed his antenna just right, he could connect to it and manipulate it. He even did things to cover his tracks, to make it look like it was just malfunctioning.

Over a four-month period in early 2000, Vitek remotely connected to Maroochy Shire's sewage system over 40 times, which ultimately resulted in him causing the sewage system to fail and hundreds of thousands of gallons of sewage spilling everywhere, making this the first revenge sewage attack ever. In October 2001, Vitek was jailed for two years and fined over thirteen thousand dollars, making him one of Australia's most notorious hackers. Well, at least according to the Sydney Morning Herald.

I'm Jack Rhysider. Thanks for listening. To hear more stories like this, check out my podcast, Darknet Diaries. [Music]

Original Description

Overnight, a small town in Australia was overflowing with raw sewage from a local wastewater treatment plant. The OT systems looked like they were being tampered with. But by who?

Video content in this video is not actual footage from the incident and is dramatized for your viewing pleasure.

Researched & Written by Joyanta Acharjee
Edited & Narrated by Jack Rhysider
Artwork by Odi Bagas
Video Production & Editing by Avital Oehler
Assistant Video Editing by William Ibarra

Sources:
https://www.theregister.co.uk/2001/10/31/hacker_jailed_for_revenge_sewage/
https://web.mit.edu/smadnick/www/wp/2017-09.pdf
https://www.linkedin.com/pulse/maroochy-incident-18-years-later-rob-hulsebos
https://www.tripwire.com/state-of-security/ics-security/the-next-disruptive-ics-attacker-a-disgruntled-insider/
https://www.forbes.com/2007/08/22/scada-hackers-infrastructure-tech-security-cx_ag_0822hack.html?sh=5cebb3f16819
https://forums.mrplc.com/index.php?/topic/32023-protocols-allowed-by-pds-compact-500/

The video discusses a real-life incident of a sewage system hack in Australia and explores the concepts of OT security and the importance of securing critical infrastructure. The incident highlights the potential consequences of insider threats and the need for robust security measures to prevent such attacks. The video provides a detailed analysis of the incident and the measures that can be taken to prevent similar attacks.

Key Takeaways
  1. Understand the basics of OT security
  2. Identify potential security threats
  3. Recognize the potential consequences of insider threats
  4. Implement robust security measures to prevent attacks
  5. Monitor and audit systems regularly
💡 The incident highlights the importance of securing critical infrastructure and the potential consequences of insider threats. It also emphasizes the need for robust security measures to prevent such attacks.
