Last week, hackers targeted an infrastructure provider in Liberia with the botnet Mirai. Early reports suggested that the entire country had been knocked offline, but, in reality, the country suffered isolated outages, according to most reports. The country's telecom authority downplayed the impact of the DDoS attack in an interview with BBC but acknowledged that a cell provider there had suffered intermittent online attacks that disrupted its service.
Even if the first reports of the attack exaggerated its impact, the possibility of hackers targeting a nation state remain.
“The question I am asking is: 'Why Liberia?' There is not much to gain financially by attacking that country,” asks Thomas Pore, director of IT and Services at Plixer.
It is certainly an interesting target. Ravaged by Ebola in 2014, Liberia is one of the poorest countries on the planet. Only a small fraction of its population uses the internet.
One theory is that latest attack was to test denial of service techniques. “The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state,” writes security researcher Kevin Beaumont in Medium. Beaumont was one of the first people to write about the so-called #14 Mirai botnet.
Some security researchers, theorize that the Liberia attack was a demonstration of power—a virtual flexing of muscles—that could be used to fuel future extortion attempts. Each attack gives hackers renewed ability to threaten: If you don’t pay me, I’ll knock your website or even your whole country offline. “The botnet owner is demonstrating that he wields an asset much more powerful than what currently exists,” said Chris Carlson, vice president of product management at Qualys. “This can force victims to pay extortion to avoid being [attacked] in the first place, or it can force attacked victims to pay extortion faster to restore service.”