• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Stealth backdoor found in WordPress mu-Plugins folder

 | 

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

 | 

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

 | 

Sophos fixed two critical Sophos Firewall vulnerabilities

 | 

French Authorities confirm XSS.is admin arrested in Ukraine

 | 

Microsoft linked attacks on SharePoint flaws to China-nexus actors

 | 

Cisco confirms active exploitation of ISE and ISE-PIC flaws

 | 

SharePoint under fire: new ToolShell attacks target enterprises

 | 

CrushFTP zero-day actively exploited at least since July 18

 | 

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

 | 

MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict

 | 

U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog

 | 

Microsoft issues emergency patches for SharePoint zero-days exploited in "ToolShell" attacks

 | 

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

 | 

Singapore warns China-linked group UNC3886 targets its critical infrastructure

 | 

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 54

 | 

Security Affairs newsletter Round 533 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Radiology Associates of Richmond data breach impacts 1.4 million people

 | 

Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Cyber Crime
  • Hacking
  • What does a DDoS with everyday life? DDoS knocks out building control systems in Finland

What does a DDoS with everyday life? DDoS knocks out building control systems in Finland

Pierluigi Paganini November 09, 2016

The residents in two apartment buildings Finland faced more that a week of serious problem due to a DDoS attack that targeted the building control systems.

What does a DDoS with everyday life? The recent attack against the Dyn DNS service powered by an IoT botnet demonstrated the weakness of modern society to cyber threats.

Anyway, to better explain this strong dependency to a no tech-savvy it could be useful to share the news that I’m going to tell you.

The residents in two apartment buildings in Lappeenranta, Finland, had faced more that a week of serious problem due to a DDoS attack that targeted the building control systems.

The cyber attack targeted the building management systems and halted the heating distribution. The systems were isolated from the Internet and the systems went into an endless loop of reboot attempts trying to reestablish a normal situation.

“A Distributed Denial of Service (DDoS) attack halted heating distribution at least in two properties in the city of Lappeenranta, located in eastern Finland. In both of the events the attacks disabled the computers that were controlling heating in the buildings.” reported the news outlet Metropolitan.fi.

The equipment that was targeted in the attack was built by the company Fidelix whom representative Antti Koskinen confirmed other similar attacks hit systems in the country.

building control systems ddos

The apartments are managed by a company called Valtia, Simo Rounela, CEO of the company told Etelä-Saimaa the DDoS attack hit the building management systems.

I believe that we cannot underestimate such kind of incidents, building management systems are an easy target for cyber criminals and hackers. It is quite easy to locate Web-based HMI/SCADA for building automation and other systems for the building control that are exposed online. Searching engines like Shodan and Censys allow locating online any kind of computer systems providing to the attackers useful information to power a cyber attack.

In many cases, building control systems are not properly configured and there aren’t specific measures in place to protect them.

Consider also that it is very easy and cheap to power a DDoS attack today, the criminal underground is plenty of actors that offer DDoS botnet for rent and any other kind of booter software.

The Valtia company published an official announcement to confirm the attack and highlighted that the risks for such kind of attacks in the area.

“The local newspaper Etelä-Saimaa was a story last week, a denial of service attack on the real estate automation systems.

Similar attacks are easy to fend off a firewall or any other security solution. In this case, the possible attacks to stop and the actual control system continues to operate normally. the existing systems behind a firewall does not even tend to attack, so the situation will improve in that respect.” says Valtia.

At the same time discussions had commented that the reason why sys systems must be connected to the network at all? Here are a couple examples of customer:

-. Alarms  
Over 90% of the area of terraced houses or larger buildings will not send an alarm at the moment, even if the heat is switched off or radiator pressure disappears. In this case, the damage will increase, repair time will increase and costs rise

– Management.  
The systems must be actively monitored and adjusted. Some of this work can be done via a computer remotely, such as temperature setpoints and ventilation controls. In still must still happen, but rarely. This brings direct savings in costs and speed up considerably the work. Sometimes the destination can not be more than 100 kilometers from the maintenance office”

The incident highlights the importance of the proper management of building control systems with particular concern for their cyber security. These systems have to be properly configured and their software continually upgraded in order to fix security vulnerabilities discovered across their lifecycle.

“Building maintenance specialist Sami Orasaari confirms that building automation security is often neglected. Many housing companies or private owners do now want to invest in network firewalls and that security in general tends to be lax. In this case the devices targeted were attacked because they’ve been found to be vulnerable and the attackers have scanned network to find more of them.” reported the metropolitan.fi.

“The cause of the issues were not apparent to regular maintenance task, because they have little or no training related to network attacks against the systems they routinely operate. The attack comes following a series of attacks done using so-called Internet of Things (IoT) devices.”

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – building control systems , hacking)


facebook linkedin twitter

building control system DDoS extortion SCADA

you might also like

Pierluigi Paganini July 24, 2025
Stealth backdoor found in WordPress mu-Plugins folder
Read more
Pierluigi Paganini July 24, 2025
U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Stealth backdoor found in WordPress mu-Plugins folder

    Malware / July 24, 2025

    U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

    Hacking / July 24, 2025

    U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

    Hacking / July 23, 2025

    Sophos fixed two critical Sophos Firewall vulnerabilities

    Security / July 23, 2025

    French Authorities confirm XSS.is admin arrested in Ukraine

    Cyber Crime / July 23, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT