Criminals Trying to Take an Entire Country Offline with Massive DDoS Attacks – Testing Cyber Weapons?

Rafia Shaikh
Posted Nov 3, 2016
37Shares
Share Tweet Submit

Cyber criminals are now using Mirai malware to take down the entire internet infrastructure of Liberia. The African nation was targeted by the same cyber weapon that caused the largest ever cyber attack of the history, just two weeks ago.

Mirai malware was used in October to launch a massive distributed denial-of-service (DDoS) attack that affected some of the world’s biggest online sites and services. The attack was launched using a growing network of infected internet-connected devices that sent 1.1Tbps traffic.

The source code was publicly released by a cybercriminal earlier in October, causing the East Coast cyber attack. Mirai malware is designed to scan for insecure IoT devices, using them to send massive amounts of traffic, causing service disruption.

Security experts had warned that the October DDoS attack was just a start of an expected onslaught of upcoming cyber attacks – of even larger scale. They believe that future DDoS attacks could reach to 10 Tbps traffic, enough to take down the internet infrastructure of an entire country.

Is cyber attack on Liberia a test case?

Using this malware, someone is now trying to take down internet access of an entire country by launching massive DDoS attacks. Criminals have been using the same weapon over the past seven days in the continued attacks on Liberia, 500 Gbps in size. Not as large as the October cyber attack, but still among the largest.

Another Mirai botnet, known as Botnet 14, began intermittent attacks on the two Liberian companies that co-own the only fiber cable coming into the country, sending it almost entirely offline with each attack.

“Transit providers, confirm over 500gbit/Sec of traffic is output during attacks. Attacks last a short period. It is the largest of the Mirai botnets and the domain controlling it pre-dates the attacks on Dyn,” security expert Kevin Beaumont said.

Things Get Serious! CIA Prepares for Cyber War with Russia to "Expose Putin"

“The capacity makes it one of the biggest DDoS botnets ever seen. Given the volume of traffic, it appears to be the owned by the actor which attacked Dyn.”

Many are asking why attack Liberia? A small nation, just 6 percent of the country has internet connectivity. Only a single fiber internet cable off the west African coast provides internet to the country. Security researchers speculate that attacking little-known countries seem to be the best place to test cyber weapons. Beaumont also believes that the attacks “appear to be [of] a test nature.”

If a test botnet can take an entire country offline, we can only assume what a full-fledged cyber attack will do. As they keep warning, it’s only the start of a spooky and a nasty new era of internet.

Share Tweet Submit