Conor Gaffey
Displayed with permission from Newsweek

Hackers have repeatedly cut internet access across the whole of Liberia over the past week, targeting the West African country’s single link to the world wide web.

The recurrent and intermittent attacks, which persisted until November 3, used a technique that commandeers everyday items—including webcams and digital cameras—to flood its target with traffic, eventually overloading the servers.

The attacks follow a similar style to the shutdown of numerous high-profile websites, including Twitter and Reddit, on October 21. The previous attack was a distributed denial of service (DDoS), where a network of infected computers—known as a botnet—is used to overwhelm the target with traffic.

A U.K.-based cybersecurity expert, Kevin Beaumont, blogged about the cyberattacks in Liberia on Thursday. Beaumont said that the same type of botnet, known as Mirai, that was used in the October 21 attack had been used to target Liberia. This botnet has been dubbed botnet#14.

Beaumont told The Guardian on Thursday that the attacks had been aimed at two companies that co-own the sole fiber connecting Liberia to the global Internet. “The recent attacks…are huge in volume—among the most amount of traffic [the] internet has seen.”

The cybersecurity expert added that, since the source code for the Mirai botnet was openly available, other hackers could use it to attack high-value targets. The identity of the perpetrators of the Liberia cyberattacks is not clear, but Beaumont said that the commands for the botnet appeared to originate in Ukraine, the BBC reported.

Liberia’s sole external internet cable is the African Coast to Europe submarine communications cable, a 10,600-mile line that stretches from France to South Africa.

Experts have warned that the Liberia cyberattacks could be a test case for other attacks on high-profile targets, including nation states.

Stephen Gates, chief research intelligence analyst at U.S. cybersecurity firm NSFOCUS, said that “taking a country offline in a DDoS attack became more of a reality” since a 2013 cyberattack on spam monitors Spamhaus. The attack slowed internet speeds around the world and was described as the biggest cyberattack in history.

Posted in: ICT