How to DDoSit the whole country

Original author: Dominic Casciani
  • Transfer
A hacker from Britain, who put the Internet throughout Liberia, went to jail.


Daniel Kay was hired to attack Lonestar broadcaster.

Daniel Kay admitted that he attacked an African telephone company - inadvertently putting Liberia's Internet in 2016.

The 30-year-old Briton remains at the center of a major international investigation of hundreds of cyber-sabotage cases around the world.

The National Crime Agency says Kay is arguably the most important cyber criminal caught in the UK all the time.

Judge Alexander Milne stated that Kay committed a “cynical” financial crime by imprisoning Kay for 32 months in the Blackfriars Royal Court in London.

He added:
“Paradoxically, you are smart enough to understand how much power you have. But it only makes the situation more frightening, because you used your abilities to make this attack. ”

Kay cried bitterly when he was arrested.

The translation was made with the support of the company EDISON Software , which is constantly improving its design , as well as engaged in investing in products and providing services for outsourced development .

Who is Daniel Kay?

Kay, a self-taught hacker, originally from the city of Egham in Surrey, began to advertise his services on the darknet, inviting customers to identify and destroy their business rivals.

According to the criminal case, Kay was hired in 2015 to attack Lonestar, the leading Liberian mobile communications and Internet company, a man working for Cellcom, a rival to Lonestar.

There is no suggestion that Cellcom knew about the employee’s actions, but he offered Kay up to $ 10,000 (£ 7,800) a month for the hacker to do everything possible to destroy Lonestar’s service and reputation.

As prosecutor, Robin Sellers told the Blackfriar Royal Court that in November 2016, Kay created a “botnet” - a particularly powerful form of cyber attack that is designed to suppress target systems, which makes normal business operations impossible.

This type of attack is known as distributed denial of service (DDoS).

It differs from the attack, the blocking system, in which the attacker makes his demands - an example of such an attack is “Wannacry” on the NHS.

What did kei's botnet do

The weapon, known as "Mirai # 14", could secretly take control of a huge number of Chinese Dahua webcams, which are used to provide security in homes and businesses around the world.

He determined that cheap cameras and other similar equipment had a gap in their protection - and he took advantage of this to take control of the device without the knowledge of the owners.

This meant that he could turn them into a zombie cyber army to attack his target.

In November 2016, secretly working outside of Cyprus and managing the botnet through his mobile phone, Kay ordered him to bring down the Lonestar system.

On his orders, hundreds of thousands of webcams began sending data requests to a West African company.

The system tried to cope with all requests and this led to the accident of a part of its support tools.

Then he tried to attract additional resources for the attack, carrying out new attacks from Germany, where he tried to seize part of the infrastructure of the national Deutsche Telekom.

Investigators found that at the peak of the Mirai # 14 code attack, about a million devices around the world were hacked.

In Liberia, mobile phone owners have noticed that their devices have disconnected from the network.

The company turned to information security consultants who tried to repel the attack, but by this time it was too late because the botnet was out of control.

What charges did Daniel Kay admit?

  • Creating a Mirai # 14 botnet for use, which is a violation of the 1990 computer misuse law
  • Carrying out cyber attacks on Lonestar in Liberia is another crime under the Computer Abuse Act
  • Possession of criminal property - in respect of 10,000 dollars found at his time of arrest

In the meantime, Liberia’s Internet depended on a small number of providers as well as a relatively limited Atlantic cable.

Compared to Liberia, in European countries there is a much safer Internet because traffic can reach users through many different connection routes.

Kay sent so much traffic to Lonestar that the entire national system was blocked.

According to investigators, in the period from November 3 to November 4, 2016, the country repeatedly failed, which hampered the work of not only Lonestar, but also organizations and people across the country.

It is believed that this was the first time that one cybercriminal broke down the Internet of an entire country, although he did not intend to do that.

In written statements to the court, Babatunde Osho, the former executive director of Lonestar, said that Kay’s crime was devastating.

“The DDOS attack, created by Daniel Kay, seriously undermined Lonestar’s ability to provide a reliable Internet connection to its customers,” said Osho. “In addition, because of Kay’s actions, Lonestar’s customers could not communicate with each other, gain access to basic services, and engage in their daily business activities.”

A significant number of Lonestar customers turned to competitors.

“In the years preceding the DDOS attacks, Lonestar’s annual revenue exceeded $ 80 million (£ 62.4 million). After the attacks, revenue fell by tens of millions, and its current debts increased by tens of millions. ”

How the investigators caught Kay

Kay was already suspected of involvement in the attack, and was arrested when he returned to the UK for holidays in February 2017.

Under him, they found $ 10,000, which, according to the National Crime Agency, was part of the payment he received for the attack on Lonestar. Germany demanded the extradition of Kay - and later this year he was convicted in a Cologne court for interfering with the Deutsche Telekom system. More than 124,000 customers of Deutsche Telekom faced problems in the services provided, including the main sewage complex in Cologne.

The German authorities then brought Kay back to the UK to face much more serious accusations from Liberia, since British law allows cybercriminals to be held accountable for crime anywhere in the world.

By this time, cyber-specialists of the National Agency for the Fight against Crime tied the botnet Kay Mirai # 14 with attacks on three British banks - Lloyds, Barclays and Halifax - in January 2017.

An anonymous attacker demanded a ransom in return for stopping the attack.

Daniel Kay was previously convicted in a Cologne court for interfering with the Deutsche Telekom system.

Unlike Lonestar and Liberia, serious defenses in all three British institutions repelled the attack.

Initially, Kay was charged with conducting these attacks, but he told investigators that, although his botnet was responsible for this operation, he lent it to someone else via darknet.

On Friday at the Blackfriar Royal Court, these charges were officially dropped.

Mike Hewlett, head of the National Cyber ​​Crime Department at the NCA, told the BBC that investigators are still trying to get a complete list of Kay’s crimes around the world.

“I consider Daniel Kay one of the most dangerous cyber criminals arrested in the UK,” Hewlett said. “He has exceptional skills. The attacks he conducted had dire consequences. ”

Hewlett added that, as far as the NCA is known, not a single cybercriminal chopped off the Internet to the whole country with the power of a single attack.

In court, Kay's lawyer told the judge that his client denied that Lonestar had suffered any alleged losses.

Jonathan Green stated that the Internet in Liberia was restricted regardless of Kay’s attack.

“We believe that the relatively slow Internet service has become even slower. Not proven to be a direct threat to Liberia. ”

He also told the court that major information technology firms were interested in Kay’s candidacy, who would like to use his skills despite the crimes.

"We need people like Mr. Kay, on the good side."

Also popular now: