In a stark reminder of the fragility of some Internet-connected devices, and of the increasing usage of distributed denial of service (DDoS) attacks, two properties in Eastern Finland suddenly lost their power.

A DDoS attack was launched on the heating systems of the buildings in the city of Lappeenranta, disabling them from late October until 3rd November.

Lappeenranta, Finland
Lappeenranta, Finland – Wikimedia Commons/Petritap

DDoS heats up

Both buildings were managed by Valtia, whose CEO Simo Rounela told Etelä-Saimaa (translated by Metropolitan.fi) that the systems that controlled the central heating and warm water circulation were temporarily disabled. 

The systems were overloaded with traffic and tried to cope by rebooting the main control circuit, but did so repeatedly, never managing to actually start.

Due to the below freezing temperatures in Finland in the winter, prolonged downtime in heat provision can permanently damage systems, although it did not happen in this case.

The devices that were attacked were built by Fidelix. A representative for the company, Antti Koskinen, told publication Helsingin Sanomat that similar attacks have been carrierd out in Finland before. He added that the desire for convenience and ease of use can open up vulnerabilities.

Data centers, and their cooling systems, are generally thought to have better security than an apartment block, but they are still incredibly vulnerable.

i3 Solutions’ Ed Ansett recently said at the DCD Zettastructure conference: “I think people in the data center industry don’t realize just how vulnerable data centers are.”

AECOM’s Rich Johanning told DCD: “One of the things I do is I got out and evaluate these systems that are controlling the chillers, the heating, the power and things of that nature. And these become attack vectors because they’re not being protected commensurate with the security of the data that is on the IT stack.”

Of course, even if a data center itself is relatively secure, it can be susceptible to attacks from poorly secured Internet of Things devices. Recently, the Mirai botnet had been used to launch attacks on security reasearchers, hosting companies and DNS infrastructure firm Dyn.

Last week, reports swirled that Mirai had been used to knock Liberia off of the Internet, but the actual reason was a 500Gbps attack against a local mobile telecom provider.

Such news is likely to become more common, with DCD taking a closer look at the state of cyber security in the next issue of our magazine.