Andrew Ginter said Stuxnet will eventually go away, but its memory will linger for decades.
“Stuxnet as a threat will die rather quickly,” said the chief security officer at Industrial Defender, but it will stay alive in security professionals’ minds.
“This is the biggest news to hit the control business since Maroochy,” he said. “We will be talking about this for 10 to 20 years.”
Just what was the Maroochy incident?
In November 2001, 49-year-old Vitek Boden was sentenced to two years in prison for using a stolen wireless radio, a Supervisory Control And Data Acquisition (SCADA) controller and control software to release up to one million liters of sewage into the river and coastal waters of Maroochydore in Queensland, Australia.
Boden worked for Hunter Watertech, an Australian firm that installed SCADA radio-controlled sewage equipment for the Maroochy Shire Council in Queensland, Australia.
Boden applied for a job with the Maroochy Shire Council, apparently after he walked away from a “strained relationship” with Hunter Watertech.
After the Council decided not to hire him, Boden decided he would get even with the Council and his former employer. He packed his car with stolen radio equipment attached to a (possibly stolen) computer. He drove around the area on at least 46 occasions from February 28 to April 23, 2000, issuing radio commands to the sewage equipment he (probably) helped install. Boden caused 800,000 liters of raw sewage to spill out into local parks, rivers and even the grounds of a Hyatt Regency hotel.
Cleaning up the spill and its effects took days and required the deployment of considerable resources.
“Marine life died, the creek water turned black and the stench was unbearable for residents,” said Janelle Bryant, investigations manager for the Australian Environmental Protection Agency.
The cause of the incident was unauthorized access to the control system via an insecure wireless network and the cost of the attack ended up being in the $1 million range.
— Gregory Hale