Liberia was hit by a massive DDoS attack, which succeeded in taking most of the country offline.
It was revealed that the cause of this is the Mirai botnet, the same system that resulted in the largest DDoS attack yet on Dyn back in October and the attack on KrebsOnSecurity.com prior to that.
Mirai is especially dangerous because it can attach to Internet of Things (IoT) devices connected to the internet, including DVR players, routers and digital cameras. Perhaps the most dangerous aspect of Mirai, is that the source-code for the botnet was released to the public a while back, so that any tech-savvy would-be cyber-criminal can get started in the botnet crime business.
Liberia was extremely susceptible to an attack of this nature, as it is connected to the internet by a single fiber-optic cable.
PCWorld.com is reporting that the DDoS attack is ‘Killing Business‘ in Liberia, and we can see how that might be the case. If you are a business with a website, you could well be considering your choice of hosting partner now that this single point of failure has been highlighted. The report in PCWorld.com though cites a source who works for a Mobile provider (we assume this means cellular phone provider) – who uses the internet extensively for their data connectivity. If calls cannot be routed from one tower to the next via the internet, then cellular phones must use radio only – and that only works when a provider has overlapping cell-tower coverage. This might not be the case in rural settings, even in a 1st world country like the United States, and even more-so in a 3rd world country like Liberia.
The unnamed employee states that “it’s killing our revenue” – most likely because the mobile provider he/she works for bills on a per-minute basis, rather than on an unlimited plan basis.
It is also speculated that Liberia might be a testing ground for new, previously unused DDoS attack vectors. These types of tests need to be done by botnet owners in either a limited fashion, or on targets who do not have the technical tools or expertise to detect and remediate the new attack vectors.