Residents of two apartment buildings in Lappeenranta city in southeast Finland were left in the cold after a DDoS attack knocked out heating systems. The cyberattack is believed to have lasted for nearly a week, starting in late October and ending on 3 November, local reports said.
According to Simo Rounela, CEO of Valtia, the firm in charge of managing overall operations and maintenance of both the affected properties, the attack temporarily disabled the computer systems that controlled the central heating and hot water distribution of both buildings, Metropolitan.fi reported.
In an attempt to ward off the attacks and remain functional, the targeted systems went into an endless cycle of rebooting. This in turn resulted in the heating system being cut off, leaving residents with no heat and, presumably, cold showers. "Remote connection was not working, so went on-site for more inspections," Rounela said. He explained that the controlling systems affected by the attack rebooted every 5 minutes until they eventually stopped functioning altogether.
Rounela noted that the attack hit a DNS servers used by the company. Valtia was made aware of the attack via the affected buildings' automated systems, developed by a firm called Fidelix. Rounela said that once the smart home systems affected had been disconnected from the internet, the heating systems began to function normally.
According to building maintenance expert Sami Orasaari, the security of an automation system is often neglected, with most housing companies and private owners reluctant to invest in network firewalls. Orasaari said that in this particular case, the hackers appeared to have scanned networks to find vulnerable devices and leveraged them.
The alarming rate of IoT-related DDoS attacks has become a major cause of concern in the information security community. This is not the first time that hackers have targeted vulnerable IoT devices to launch massive attacks. The active Mirai botnet has recently been leveraged by hackers to conduct attacks, one of which took an entire country, Liberia, briefly offline.