A new large DDoS attack is knocking out internet access in Liberia.
The attack, written about on Thursday by IT security researcher Kevin Beaumont, is the same type of attack that slowed much of the internet down in October.
Both attacks used readily available Mirai malware. The malware allows users to hack into poorly-secured internet of things devices (such as smart cameras or refrigerators). From there, the hacker is able to direct data from those devices to one source, clogging its servers and often rendering it inaccessible to everyday users.
Hackers chose Dyn because they knew Dyn provides domain name services to major sites such as Twitter and Spotify. DNS directs common users to websites when they type in a url, so if Dyn went down, a large chunk of the internet went with it.
The thinking behind this newest attack appears to be similar. The attack centers on companies that run Liberia’s single submarine internet cable, which was installed in 2011. Without the cable, Liberia’s already very limited access to the internet can be wiped out.
The attacks — like the attack on Dyn — have come in waves, and Beaumont wrote that it seems like the person or group of people directing this attack are testing their capabilities.
“The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state,” Beaumont wrote.
Security experts have said DDoS attacks are likely to ramp up in strength as more devices with poor security are put into the marketplace. Items such as climate control devices for your home or smart lightbulbs can be hacked over and over again with code available to anyone, allowing hackers to run free with whatever attacks they have the time and skill to direct.
With this most recent assault, Mirai users have proven they can do much more than frustrate people trying to access Twitter.