Regardless of the reason, deliberate targeting, accidental "drive-by DDoS" or bad configuration, the question that remains is "Why is the heating dependent on being online?"
It is completely reasonable if the heating system every so often "phones home" to report on usage, but it shouldn't actually stop working if the network connection isn't available.
You can blame DDoS, hackers, network outages, the Russians, I don't care; it doesn't cover up the fact that your system has a stupid design.
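The design point above, that heat control must keep working when the backend is unreachable, as an added example that is not code from any commenter or from the system in the story; the controller class, its method names and the sample temperatures are all assumed:

```python
from collections import deque

class HeatingController:
    """Heat control uses only local state; reporting is best effort and bounded."""

    def __init__(self, setpoint_c, hysteresis_c=0.5, max_queued=100):
        self.setpoint_c = setpoint_c              # cached locally, survives offline
        self.hysteresis_c = hysteresis_c
        self.heat_on = False
        self.pending = deque(maxlen=max_queued)   # bounded: oldest report is dropped

    def control_step(self, temp_c):
        """Bang-bang control with hysteresis; touches nothing network-related."""
        if temp_c < self.setpoint_c - self.hysteresis_c:
            self.heat_on = True
        elif temp_c > self.setpoint_c + self.hysteresis_c:
            self.heat_on = False
        return self.heat_on

    def queue_report(self, temp_c):
        """Record a usage sample; memory stays capped however long we are offline."""
        self.pending.append({"temp_c": temp_c, "heat_on": self.heat_on})

    def flush_reports(self, send):
        """Deliver queued reports; a `send` raising OSError only defers them."""
        sent = 0
        while self.pending:
            try:
                send(self.pending[0])
            except OSError:
                break                              # backend unreachable: keep data, keep heating
            self.pending.popleft()
            sent += 1
        return sent


def simulate(temps, network_up):
    """Run the loop over constructed temperature samples (degrees C); returns (heat state per step, reports still queued)."""
    ctl = HeatingController(setpoint_c=20.0)

    def send(_report):                            # assumed backend call; fails when offline
        if not network_up:
            raise OSError("backend unreachable")

    states = []
    for t in temps:
        states.append(ctl.control_step(t))        # heating decided before any network work
        ctl.queue_report(t)
        ctl.flush_reports(send)
    return states, len(ctl.pending)
```

With the backend down the heat still cycles correctly and the reports simply wait in a capped queue; with it up the same run leaves nothing queued.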
> the question that remains is "Why is the heating dependent on being online?"
1) So they can bill you.
2) Bad design
Billing is almost always the reason if the design is sane. And it's always a PITA.
Bad design is self-explanatory. Most programmers think in terms of features rather than function.
I have this discussion every day with people creating battery operated IoT devices.
Me: "What is your most important function?"
Them: "Well, we need to do <feature X>"
Me: "<sighing> No. Your most important function is to protect your battery. If the device is dead, nothing else matters. Nobody should be able to make you drain your battery without your permission. After that consideration, you can do something useful."
Not sure why this is controversial. Boilers have an on/off switch, and when your company manages a large number of buildings, you automate and centralize on/off for efficiency's sake, no?
That sounds like either clueless reporting or an attempt at blame shifting.
The heating system of a building is not a typical DDoS target, and it's improbable that somebody living outside of that building had a take against the inhabitants, knew of the right IP(s) for that building, and the effect a DDoS would have.
It's more plausible that the control system was designed so badly that exposing it to the Internet (and the accompanying background noise from port scanners, be it botnets, spammers or IoT malware) caused it to break down.
Then, the operators saw the effect of the misconfiguration and proclaimed it was a DDoS, because you don't get fired for breaking down under a DDoS, as opposed to having miserable IT security in place. This is similar to getting hacked by "the Russians" (or other state-level evildoers) where it is widely accepted that you just can't prevent such incidents.
It is bad reporting. The systems in question were used as a part of launching a DDoS attack, they were not the target of the attack. The high load then caused the systems to crash repeatedly.
Sounds like exactly the sort of thing I'd have done in my youth (if I had had the skills) if I had discovered lax security in my own building's systems and it pissed me off.
IoT companies don't tend to have bug bounties et al., and shutting off the heat to some buildings seems like a mostly harmless way to get some publicity for the issue.
Could very well be a prank by teenagers who spotted a hole in a nearby building's systems. Not necessary to assume the reporter has it wrong unless you have a contradictory source.
In my experience, embedded systems tend to behave poorly when faced with large amounts of traffic (normal traffic to these systems is tiny). I have once been locked out of work due to an errant workstation flooding the network with broadcast DHCP packets, which overloaded the embedded system which validates the key cards and unlocks the door (later permanently solved by moving the embedded system to its own firewalled VLAN).
As an aside: lovely Netscape favicon on that site.
One thing is sure: we won't ever make 100% secure networks. For now, ransomware is rare and only on a big scale, but it could indeed become a big problem with IoT. I'm not exactly sure why we need to connect those devices to the internet: sounds like a local network should be enough. And if we want to send usage data to some kind of aggregation service, devices can still issue POST requests to our connected desktop, or be Bluetooth-connected to our mobiles.
[1] For those who didn't watch it, the Battlestar Galactica is one of the only human spaceships not destroyed by robots, thanks to the fact that its captain always refused to connect the ship to the network.
If we had a large number of devices like heaters and boilers attached to a remote control system, it would probably be possible to cause major problems for the electrical network just by turning the devices on and off in a synchronised fashion.
And actually this is not so far fetched, since there are already discussions about making these devices smart and remotely controllable so that the utility company could balance the electricity need.
EugeneOZ | 9 years ago
2. Everybody can be smart after the fact :) I'm sure now they'll design something safer.
ryanlol | 9 years ago
Remote management hardware got infected with Mirai or the like.
0xmohit | 9 years ago
It appears that it's been fixed. https://twitter.com/Symbiatch/status/796407575776526341
Also see https://twitter.com/internetofshit/status/796405149501706240
Raed667 | 9 years ago
From hacking boilers to stop water delivery, to locking people outside their doors.
The next few years will be very fun for "infoSec" people.
philfrasty | 9 years ago
Edit: Amazon link https://www.amazon.com/dp/B01FCQLSPC
schlowmo | 9 years ago
I wouldn't call it "this exact topic", since the primary attack vector in the story is smart meters, but I can still second your recommendation. The book is largely based on a study funded by the German government[0], analyzing the outcome of a large-scale blackout. The study is also worth reading; unfortunately only a German version is available.
[0] http://www.tab-beim-bundestag.de/de/untersuchungen/u137.html