Home / News

Liberia’s Internet Brought to a Halt After Facing Multiple Mirai-Based Attacks

The entire internet infrastructure of the African nation of Liberia is distributed by the same weapon used to cause the historic cyberattack just two weeks ago. Zack Whittaker reporting in ZDNet: “This week, another Mirai botnet, known as Botnet 14, began targeting a small, little-known African country, sending it almost entirely offline each time. Security researcher Kevin Beaumont ... said that the attack was one of the largest capacity botnets ever seen. One transit provider said the attacks were over 500Gbps in size. Beaumont said that given the volume of traffic, it ‘appears to be the owned by the actor which attacked Dyn’. ... An attack of that size is enough to flatten even a large network – or ... a small country.”

Update, 4 Nov: “Did a DDoS attack knock Liberia offline?” Director of Internet Analysis at Dyn, Doug Madory in an email today says that while there may have been a DDoS attack against targets in Liberia, “there is no evidence that the country was knocked offline.” Both Dyn and Akamai, he added, have observed no change in traffic patterns coming from Liberia in recent days. See corresponding tweets from Akamai & Dyn.

The manager of the submarine cable landing in Liberia is also quoted reporting: “We have received similar inquiries from news outlets and other interest groups on this subject. However, both our ACE submarine cable monitoring systems and servers hosted (locally) in LIXP (Liberia Internet Exchange Point) show no downtime in the last 3 weeks. While it is likely that a local operator might have experienced a brief outage, we have no knowledge of a national Internet outage and there are no data to substantial that.”

Brian Krebs also weighing in on the situation: “Yes, multiple sources confirm that Mirai was used to launch an attack exceeding 500 Gbps against a mobile telecom provider in Liberia, but those sources also say the provider in question had a denial-of-service attack mitigation plan in place that kicked into action shortly after the attack began.”

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com