Australian government-owned water supplier SunWater has suffered a security breach. SunWater operates 19 major dams, 80 pumping stations, and 1,600 miles of pipelines in Australia. The threat actors were able to breach the organization’s network and remain on the server undetected for 9 months, between August of 2020 and May of 2021. Although the server they accessed held customer information, the threat actors do not appear to have been interested in the sensitive data, as there is no evidence that any data was exfiltrated. Instead, malware placed on the server drove more traffic to another site, likely run by the hackers. The vulnerability has now been fixed, but this breach highlights a larger issue regarding server vulnerabilities and a lack of proper account security practices in critical infrastructure. Auditors were prompted to check other water companies, and after examining six, they found that three of them had vulnerabilities or other issues that needed attention.