Stories
Slash Boxes
Comments

SoylentNews is people

DDOS Attack Halts Heating in Finland Amidst Winter

posted by martyb on Friday November 11 2016, @08:53PM   Printer-friendly
from the VERY-not-nice dept.

Phoenix666 writes:

A Distributed Denial of Service (DDoS) attack halted heating distribution at least in two properties in the city of Lappeenranta, located in eastern Finland. In both of the events the attacks disabled the computers that were controlling heating in the buildings.

Both of the buildings where managed by Valtia. The company who is in charge of managing the buildings overall operation and maintenance. According to Valtia CEO, Simo Rounela, in both cases the systems that controlled the central heating and warm water circulation were temporarily disabled.

In the city of Lappeenranta, there were at least two buildings whose systems were knocked down by the network attack. In a DDoS attack the network is overloaded by traffic from multiple locations with the aim of causing the system to fail.

In an interview with Etelä-Saimaa, Rounela estimated the attack in Eastern Finland lasted from late October to Thursday the 3rd of November. The systems that were attacked tried to respond to the attack by rebooting the main control circuit. This was repeated over and over so that heating was never working.

To DDoS heating systems is just, plain cold.

[Typos are in the original story; I suspect English is not their primary language. -Ed.]

Original Submission

 
This discussion has been archived. No new comments can be posted.
DDOS Attack Halts Heating in Finland Amidst Winter | Log In/Create an Account | Top | 18 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1) by nobu_the_bard on Friday November 11 2016, @10:17PM

    by nobu_the_bard (6373) on Friday November 11 2016, @10:17PM (#425842)

    Client uses some HVAC systems that require internet access; its gateway is a proxy though and it has an external firewall we setup onsite. I'm the IT guy not the HVAC guy.

    Actual problem is the thing talks to an onsite webhost and the webhost thing is only scheduled for its first security update this year (it was installed in 2014 i think?). Vendor wouldn't let us put it in the cloud or host it offsite. Needed to be onsite. I put some stuff on the external firewall we put in front of it to mitigate some of its vulnerabilities such as a country blocker and some other stuff. Its gone offline now and again, but never restarted... will have to ask the HVAC guys what they think of this story.

    The webhost is accessed via the browser on technicians' phones to make adjustments; I know from watching the firewall that the site maintenance guys log into it to do things a few times a day from the work cellphones. I do not know why. They don't want to discuss it with non-union people. I'm told by the client's head of maintenance it's important for day-to-day operations that they fiddle with settings, check readings, and the like.