Liberia Suffered Major Cyberattack

Apparently, this time the hackers used the same weapon as in the largest cyberattack in history that took place a few days ago – as a result, the entire Internet infrastructure of the African nation of Liberia has been brought to a grinding halt.

The type of attack was the same – a distributed denial of service, where a network of infected devices is directed to bombard the victim with traffic, effectively overloading its servers. The Mirai botnet, used in the recent attack, was particularly effective because it exploited infected, online-connected devices like DVR players and web cameras. Now the same botnet has been used in continued attacks on the west African nation of Liberia. The security experts who have been closely monitoring Mirai attacks, noted attacks over 600gbps aimed at two companies co-owning the only fiber going into Liberia. During the attacks, websites inside the country are rendered unavailable outside as well.

According to media reports, infrastructure providers estimated the attacks as over 500gbps in size – while not as large as the 1.1tbps attack in October that targeted the US and Europe, but still among the largest attacks ever. If you remember, the previous target was Dyn – a company that controls a bulk of domain name service infrastructure. It acts as a switchboard for Internet traffic, through which the cyberattack brought down the largest online services across Europe and the United States including Twitter, Netflix and Spotify. At the time, security experts claimed that the Dyn attack might have been the largest of its kind. The matter is that Mirai botnet is open source, so anyone can use it.

It is known that Liberia was attacked by the particular Mirai botnet, officially named Botnet 14 14, which tweeted threateningly at security experts looking into the attacks. So far, it is hard to tell who is wielding the Mirai botnet against the African country, or whether it is a state actor or independent hackers. The security specialists point out that the attacks are very worrying because they mean that there is a Mirai operator out there with enough capacity to seriously impact systems in a nation state. The local authorities provided no information on whether they were aware of the attack or investigated it.