Home / News

Liberia's Internet Brought to a Halt After Facing Multiple Mirai-Based Attacks

The entire internet infrastructure of the African nation of Liberia is distributed by the same weapon used to cause the historic cyberattack just two weeks ago. Zack Whittaker reporting in ZDNet: "This week, another Mirai botnet, known as Botnet 14, began targeting a small, little-known African country, sending it almost entirely offline each time. Security researcher Kevin Beaumont ... said that the attack was one of the largest capacity botnets ever seen. One transit provider said the attacks were over 500Gbps in size. Beaumont said that given the volume of traffic, it 'appears to be the owned by the actor which attacked Dyn'. ... An attack of that size is enough to flatten even a large network – or ... a small country."

Update, 4 Nov: "Did a DDoS attack knock Liberia offline?" Director of Internet Analysis at Dyn, Doug Madory in an email today says that while there may have been a DDoS attack against targets in Liberia, "there is no evidence that the country was knocked offline." Both Dyn and Akamai, he added, have observed no change in traffic patterns coming from Liberia in recent days. See corresponding tweets from Akamai & Dyn.

The manager of the submarine cable landing in Liberia is also quoted reporting: "We have received similar inquiries from news outlets and other interest groups on this subject. However, both our ACE submarine cable monitoring systems and servers hosted (locally) in LIXP (Liberia Internet Exchange Point) show no downtime in the last 3 weeks. While it is likely that a local operator might have experienced a brief outage, we have no knowledge of a national Internet outage and there are no data to substantial that."

Brian Krebs also weighing in on the situation: "Yes, multiple sources confirm that Mirai was used to launch an attack exceeding 500 Gbps against a mobile telecom provider in Liberia, but those sources also say the provider in question had a denial-of-service attack mitigation plan in place that kicked into action shortly after the attack began."

By CircleID Reporter – CircleID's internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us. Visit Page

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

 Be the first to post a comment!

Add Your Comments

 To post your comments, please login or create an account.

Related

Topics

Brand Protection

Sponsored byAppdetex

New TLDs

Sponsored byAfilias

Cybercrime

Sponsored byThreat Intelligence Platform

Domain Names

Sponsored byVerisign

DNS Security

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

Whois

Sponsored byWhoisXML API