Dive Brief:
-
A Mirai botnet attacked Liberia, a small west African country, nearly taking the entire country offline this week and causing intermittent internet connectivity.
-
Security researcher Kevin Beaumont first identified the attacks from Mirai Botnet 14. Transit providers confirmed more than 500 Gbit per second of traffic was output during the attacks, which lasted for short periods.
-
Beaumont believes the botnet is related to the one that attacked Dyn last month and appear to be a test.
Dive Insight:
"The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state," said Beaumont. No one is sure why Liberia is a target, though one researcher suggested the cybercriminals could be using the country as a testing ground for larger attacks.
The hackers were able to take out almost the entire country because Liberia relies on just one internet cable, creating a single point of failure. One about 6% of Liberia currently has internet access.
Given some uncertainty about the stability of the internet after a series of large DDoS attacks, businesses may want to ensure they are fully backed up and rely on multiple providers to protect their data and services should another attack occur.
Thomas Pore, director of IT and Services for Plixer, predicts if cybercriminals are indeed "testing" the Mirai on Liberia. It’s "possible that the USA will see a massive sustained outage of over 4 hours before the end of the year," he said.
