The 2000 Maroochy Shire cyber event is the second in a series of control system cyber events analyzed to determine the effectiveness of NIST Special Publication (SP) 800-53 controls on industrial control systems.
Malicious Control System Cyber Security Attack Case Study: Maroochy Water Services, Australia
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
The 2000 Maroochy Shire cyber event is the second in a series of control system cyber events analyzed to determine the effectiveness of NIST Special Publication (SP) 800-53 controls on industrial control systems. The event has been documented in Court proceedings, a Maroochy Water Services presentation, and other documentation available in the public domain. The event was an intentional, targeted attack by a knowledgeable person on an industrial control system. The case study examines the event from a cyber security perspective. It provides the timelines and cyber issues, examines the NIST SP800-53 controls that were violated or not met, and posits the potential mitigation that would have occurred if the NIST SP800-53 controls had been followed. The intent of this analysis is not to criticize any actions taken, but to look forward as to how lessons learned from this case can be of help to prevent future incidents.