Sunwater
Summary
Sunwater, a Queensland government-owned bulk water supplier, was targeted by hackers who maintained undetected access to the organisation's systems for approximately nine months. The prolonged breach of a critical infrastructure provider raised serious concerns about water security and the vulnerability of essential services.
What Happened
Hackers gained access to Sunwater's IT systems and maintained persistent access for about nine months before the intrusion was detected in November 2021. The extended dwell time meant attackers had the opportunity to explore the network, access data, and potentially gain an understanding of operational systems.
Sunwater is a critical infrastructure provider managing water storage and distribution across Queensland, including dams, weirs, and pipelines supplying irrigation, industry, and towns. The breach of such infrastructure created concerns beyond typical data theft, including potential risks to operational technology and water supply systems.
The fact that attackers remained undetected for nine months indicated the use of sophisticated techniques to avoid detection and maintain persistent access to the network.
Impact on Individuals
While Sunwater did not disclose the specific data compromised, the extended access period meant attackers could have obtained:
- Employee information and internal communications
- Stakeholder and customer data
- Operational information about water infrastructure
- Internal system configurations and security details
The breach of critical water infrastructure also raised broader public safety concerns beyond individual privacy impacts.
Organisational Response
Once the breach was detected, Sunwater engaged cybersecurity experts to investigate the extent of the compromise and remediate affected systems. The organisation worked with government cybersecurity agencies given its critical infrastructure status.
The incident prompted reviews of cybersecurity measures for Queensland's critical infrastructure providers and highlighted the challenges of detecting sophisticated intrusions in industrial and utility systems.