To learn more about this training CD-Rom and how to order it, please see our order page.

Simple Tabletop Exercise
Scenario 4
Cyber Security Breach
Consumer Complaint

As discussed in the Response Protocol Toolbox, the threat warning, or the occurrence or discovery that indicates a potential contamination threat that triggers an evaluation of the threat, can come from several sources. In these scenarios, the threat warning originates from either unusual water quality, as indicated by the utility's SCADA system, or from a consumer complaint regarding water pressure.

This scenario is an intentional cyber-security attack on the water utility's SCADA system. It occurs during the fall after a dry summer in Zenith City. The water utility's Information Technology (IT) person did not receive an expected pay raise and decides to reprogram the SCADA system to shut off the high-lift pumps. The operator's familiarity with the SCADA system allows him to reprogram the alarms that typically notify operators of a high-lift pump failure. In addition, he prevents access to the SCADA system by others. A wildfire breaks out on the outskirts of the city. The utility must discuss the vulnerability of SCADA systems and how they can improve their control of such vulnerable cyber-systems. In addition, the utility must work to restore the drinking water supply and cooperate with the fire department to restore fire flow or to establish an alternate water source.

The following are some useful links to cyber-security information:

21 Steps to Improve Cyber Security of SCADA Networks [PDF - 2,502 KB - 10 pp]
(Source: The President's Critical Infrastructure Protection Board, and the Department of Energy, Office of Energy Assurance,)

The National Strategy to Secure Cyberspace [PDF - 980 KB - 76 pp]
(Source: Department of Homeland Security)

Water and Wastewater Security Product Guide (Source: Environmental Protection Agency, Water Security Division)