A 32-year-old hacker from Surrey, England has been arrested for a cyberattack that disabled Liberia’s entire telecommunications network.
Daniel Kaye admitted he was hired by a senior executive at Liberian carrier Cellcom to carry out an attack against rival operator Lonestar.
Mike Hulett, Head of Operations at the National Cyber Crime Unit, said:
“Daniel Kaye was operating as a highly skilled and capable hacker-for-hire. His activities inflicted substantial damage on numerous businesses in countries around the world, demonstrating the borderless nature of cybercrime.
The victims in this instance suffered losses of tens of millions of dollars and had to spend a large amount on mitigating action. Working in collaboration with international law enforcement partners played a key role in bringing Daniel Kaye to justice.”
Kaye assembled a Mirai botnet for the operation, made up primarily of compromised Dahua security cameras and other devices hired from third-party hackers. Such botnets are notoriously hard to control, and at its peak his network knocked out Liberia’s entire telecoms infrastructure.
Lonestar reported losses in the tens of millions of dollars and incurred about $600,000 in remediation costs to restore services and repair damage caused by the distributed denial-of-service (DDoS) attack.
The campaign drew significant attention within the security community and was labeled “#14.” At one stage, researchers estimated it accounted for more than half of all Mirai infections worldwide.
Russell Tyner of the Crown Prosecution Service (CPS) added:
“Kaye was a talented and sophisticated cyber criminal who created one of the world’s largest networks of compromised computers which he then made available to other cybercriminals with no consideration as to the damage it would cause.
The CPS and the National Crime Agency, together with the authorities in Germany and Cyprus, worked closely in order to bring him to justice.”
Kaye was sentenced to 32 months in a UK prison for the Liberian DDoS attack. He also faced prosecution in Germany for a separate 2016 attack on Deutsche Telekom, receiving a suspended sentence there.
Authorities said he was linked to several other high-profile DDoS incidents that affected UK banks, including Lloyd’s, Barclays and Halifax.
Interested in hearing industry leaders discuss topics like this and learn from their experience? Attend the Cyber Security & Cloud Expo World Series, with upcoming events in Silicon Valley, London and Amsterdam, to explore current challenges, defenses and best practices in cyber resilience.