Tech

Liberian ISP sues rival for hiring hacker to attack its network

Lawsuit comes after British authorities sentenced the hacker to two years and eight months in prison for the same attacks.

Written by Catalin Cimpanu, Contributor Jan. 14, 2019 at 4:39 a.m. PT

A Liberian internet service provider has sued a rival company and two of its executives for hiring a hacker to launch distributed denial of service (DDoS) attacks against its infrastructure.

Security

The ISP --Lonestar Cell MTN-- has filed the lawsuit in a British commercial court over the weekend.

The defendants are Daniel Kaye (the hacker), Cellcom (now Orange Liberia, the rival telecom), Avishai Marziano (former Cellcom CEO), and Ran Polani (another Cellcom executive).

The lawsuit comes after British authorities sentenced Kaye to two years and eight months in prison, on Friday last week, for using his custom-made DDoS botnet to attack Lonestar's infrastructure throughout the fall of 2016, but also attacks on other targets.

According to a statement from the UK National Crime Agency following Kaye's sentencing, Kaye "was hired by a senior official at Cellcom, a rival Liberian network provider, and paid a monthly retainer."

"From September 2016, Kaye used his own Mirai botnet, made up of a network of infected Dahua security cameras, to carry out consistent attacks on Lonestar," the NCA said. "In November 2016, the traffic from Kaye's botnet was so high in volume that it disabled internet access across Liberia."

"The attacks had a direct and significant impact on Lonestar's ability to provide services to its customers, resulting in revenue loss of tens of millions in US dollars as customers left the network," the NCA statement also said. "Remedial action taken by Lonestar to prevent the attacks incurred costs of approximately 600,000 USD."

Kaye, who is believed to have operated a botnet that at one point reached around one million devices (mostly made up of routers and smart cameras), launched attacks of a massive size against Lonestar's network.

The attacks were so big that they not only caused Lonestar's mobile network to go down being unable to handle all the incoming traffic but also clogged up a submarine communications cable connecting Liberia to the rest of the Internet, bringing down the services of other telcos as well, as ZDNet reported at the time.

Now, Lonestar is seeking civil damages from the parties involved, according to a press released the company published on Sunday.

"The cyber-attack was a targeted and sustained act of industrial sabotage designed to disrupt Lonestar's business and that of our customers, so as to advantage Lonestar's competitors," said Lonestar. "The attack caused considerable damage to Lonestar's business and disruption to our customers in Liberia."

Lonestar could not be reached for comment. Orange Liberia did not respond to a request for comment.

However, an anonymous source with Orange Liberia has told FrontPageAfrica that the allegations that Lonestar lost revenue and market share following the cyber-attacks are "completely bogus and a scam."

The unnamed insider claims Lonestar has been on a downward spiral since 2012. The insider did not address the fact that a former Cellcom exec was cited in an NCA investigation as paying a hacker to attack one of its rivals, which is the main claim of the lawsuit.