The Finnish national broadcasting company Yle recently aired a new Docstop series called “Team Whack - everything can be hacked”. In its first episode Team Whack found over 1000 openly accessible Fidelix building automation systems in Finland. The team subsequently demonstrated the involved risks by taking over and remotely controlling one neighbourhood’s building automation, including yard lights, ventilation and heating.
The episode inspired Oulu-based information security company Badrap Ltd. to contact and assist parties that are actively using insecurely installed Fidelix building automation systems in Finland. The need for such a push was made clear by Fidelix’s aired statement that security patches seldom find their way to devices in the field.
Badrap set a bounty for a method to warn the owners of the vulnerable devices, and computer security experts of Remod Ltd. took up the challenge. Based on publicly available information Remod identified the vulnerable Finnish network addresses to contact those in danger. The companies also made their findings available at https://badrap.io so that anyone can check their own network, for free.
“The Internet is full of vulnerable devices. Owners of most of these have no experience in computer security. We want to make security an easily approachable thing for everyone, and this campaign is one step towards that”, Badrap.io CEO Jani Kenttälä describes their motivation.
More information is available via:
Jani Kenttälä, Badrap Ltd.
contact@badrap.io
+358 45 1224 601
Badrap’s free service for checking out network vulnerabilities and data breaches that affect you: https://badrap.io/
Information about Remod: https://remod.fi/
All six episodes of Team Whack are globally available at https://areena.yle.fi/1-4664681. The first episode has English subtitles.