{"description": "ICS techniques used by Maroochy Water Breach, ATT&CK campaign C0020 (v1.0)", "name": "Maroochy Water Breach (C0020)", "domain": "ics-attack", "versions": {"layer": "4.5", "attack": "17", "navigator": "5.1.0"}, "techniques": [{"techniqueID": "T0878", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary suppressed alarm reporting to the central computer.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0879", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary gained remote computer access to the control system and altered data so that whatever function should have occurred at affected pumping stations did not occur or occurred in a different way. This ultimately led to 800,000 liters of raw sewage being spilled out into the community. The raw sewage affected local parks, rivers, and even a local hotel. This resulted in harm to marine life and produced a sickening stench from the community's affected rivers.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0813", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary temporarily shut an investigator out of the network preventing them from issuing any controls.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0815", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary temporarily shut an investigator out of the network, preventing them from viewing the state of the system.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0822", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary gained remote computer access to the system over radio.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0838", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary disabled alarms at four pumping stations, preventing notifications to the central computer.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0836", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary gained remote computer access to the control system and altered data so that whatever function should have occurred at affected pumping stations did not occur or occurred in a different way. The software program installed in the laptop was one developed for changing configurations in the PDS computers. This ultimately led to 800,000 liters of raw sewage being spilled out into the community.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0848", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary falsified network addresses in order to send false data and instructions to pumping stations.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0856", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary used a dedicated analog two-way radio system to send false data and instructions to pumping stations and the central computer.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0864", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary utilized a computer, possibly stolen, with proprietary engineering software to communicate with a wastewater system.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0855", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary used a dedicated analog two-way radio system to send false data and instructions to pumping stations and the central computer.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0860", "comment": "In the [Maroochy Water Breach](https://attack.mitre.org/campaigns/C0020), the adversary used a two-way radio to communicate with and set the frequencies of Maroochy Shire's repeater stations.(Citation: Marshall Abrams July 2008)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "used by Maroochy Water Breach", "color": "#66b1ff"}]}