Lessons learned from the Maroochy Water breach

IFIP Advances in Information and Communication Technology

Volumn 253, Issue , 2008, Pages 73-82

  Slay, Jill ^a   Miller, Michael ^b  

^a UNIVERSITY OF SOUTH AUSTRALIA   (Australia)

^b NONE

Author keywords

Maroochy water services breach; SCADA security

Indexed keywords

ELECTRIC POWER SYSTEM CONTROL; GAS PIPELINES; GAS PLANTS; PUBLIC WORKS; SCADA SYSTEMS; SEWAGE TREATMENT PLANTS; WATER DISTRIBUTION SYSTEMS; DATA ACQUISITION; MOBILE SECURITY; WATER SUPPLY SYSTEMS;

ELECTRICAL POWER; MAROOCHY WATER SERVICES; MONITOR AND CONTROL; OIL-AND-GAS PIPELINES; SCADA SECURITY; SERVICE INFRASTRUCTURE; SUPERVISORY CONTROL AND DATA ACQUISITION (SCADA) SYSTEMS; TECHNOLOGICAL ADVANCES; SUPERVISORY CONTROL AND DATAACQUISITION SYSTEMS (SCADA);

CRITICAL INFRASTRUCTURES;

EID: 84902345608     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: None     Document Type: Conference Paper

References (17)

1. Australian Computer Emergency Response Team, 2004 Australian Computer Crime and Security Survey (www.auscert.org.au/render.html?it =2001), 2005.
2. British Columbia Institute of Technology, Good Practice Guide on Firewall Deployment for SCADA and Process Control Networks, National Infrastructure Security Co-ordination Centre, London, United Kingdom, 2005.
3. E. Byres and J. Lowe, The myths and facts behind cyber security risks for industrial control systems, presented at the VDE Congress, 2004.
4. J. Fernandez and A. Fernandez, SCADA systems: Vulnerabilities and remediation, Journal of Computing Sciences in Colleges, vol. 20(4), pp. 160-168, 2005.
5. General Accounting Office, Critical Infrastructure Protection: Challenges and Efforts to Secure Control Systems, Report to Congressional Requesters, GAO-04-354, Washington, DC, 2004.
6. G. Hughes, The cyberspace invaders, The Age, June 22, 2003.
7. IT Security Advisory Group, SCADA security: Advice for CEOs, Department of Communications, Information Technology and the Arts, Canberra, Australia (www.dcita.gov.au/communications for business/security/critical infrastructure security/key documents), 2005.
8. S. Mustard, Security of distributed control systems: The concern increases, Computing and Control Engineering Journal, vol. 16(6), pp. 19-25, 2005.
9. National Communications System, Supervisory Control and Data Acquisition (SCADA) Systems, Technical Information Bulletin NCS TIB 04-1, Arlington, Virginia, 2004.
10. Office of Energy Assurance, 21 Steps to Improve Cyber Security of SCADA Networks, U.S. Department of Energy, Washington, DC, 2002.
11. P. Oman, E. Schweitzer and D. Frincke, Concerns about intrusions into remotely accessible substation controllers and SCADA systems, Proceedings of the Twenty-Seventh Annual Western Protective Relay Conference, 2000.
12. D. Peterson, Intrusion detection and cyber security, InTech, May 2004.
13. President's Information Technology Advisory Committee, Cyber Security: A Crisis of Prioritization, Report to the President, National Coordination Office for Information Technology Research and Development, Arlington, Virginia, 2005.
14. Riptech, Understanding SCADA system security vulnerabilities (www.iwar.org.uk/cip/resources/utilities/SCADAWhitepaperfinal1.pdf), 2001.
15. J. Slay and M. Miller, A security architecture for SCADA networks, Proceedings of the Seventeenth Australasian Conference on Information Systems, 2006.
16. J. Stamp, P. Campbell, J. DePoy, J. Dillinger and W. Young, Sustainable security for infrastructure SCADA, Sandia National Laboratories, Albuquerque, New Mexico (www.sandia.gov/scada/documents/SustainableSecurity.pdf), 2003.
17. Symantec, Understanding SCADA system security vulnerabilities (www4.symantec.com/Vrt/offer?aid=20249), 2004.