| Recurring |
one_organization, multiple_organization |
(a) The software failure incident has happened again at one_organization:
The Mirai botnet, which was used in the attack on Liberia, was previously used in the largest cyber-attack in history just two weeks before this incident. The previous target was Dyn, a company that controls a large number of domain name service infrastructure, bringing down major internet services across Europe and the US [49578].
(b) The software failure incident has happened again at multiple_organization:
The Mirai botnet has been used in attacks on both Dyn and Liberia, indicating that this type of attack has targeted multiple organizations [49578]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident in the article is primarily related to the design phase. The incident was caused by hackers using the Mirai botnet to launch distributed denial of service (DDoS) attacks on the internet infrastructure of Liberia. The Mirai botnet harnessed infected, internet-connected devices like DVR players and digital cameras to overload the servers of the targeted companies in Liberia [49578].
(b) The software failure incident can also be linked to the operation phase. The attack on Liberia's internet infrastructure was a result of the operation of the Mirai botnet by unknown actors. The botnet was used to direct a network of infected computers to bombard the target with traffic, causing the servers to be overloaded and rendering websites inside the country unavailable outside as well [49578]. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident in Liberia was caused by a distributed denial of service (DDoS) attack using the Mirai botnet, which harnessed infected, internet-connected devices such as DVR players and digital cameras [49578]. The attack overloaded the servers of the targeted companies within Liberia, rendering websites inside the country unavailable outside as well. The Mirai botnet used in the attack was open source, allowing anyone with the requisite know-how to use it, indicating that the failure originated from within the system itself.
(b) outside_system: The contributing factors that originated from outside the system include the hackers who targeted Liberia with the Mirai botnet. The attack was not initiated by the system itself but rather by external actors who launched the DDoS attack on the internet infrastructure of Liberia [49578]. |
| Nature (Human/Non-human) |
non-human_actions |
(a) The software failure incident in Liberia was due to non-human actions, specifically a distributed denial of service (DDoS) attack using the Mirai botnet. The attack involved a network of infected computers bombarding Liberia's internet infrastructure with traffic, overloading its servers [49578].
(b) The Mirai botnet attack on Liberia was not caused by human actions but rather by an external entity or entities utilizing the botnet to target the country's internet infrastructure. The attack was not a result of human errors or intentional actions within the affected system [49578]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident reported in the articles is primarily due to hardware-related factors. The incident involved a distributed denial of service (DDoS) attack on the internet infrastructure of Liberia using the Mirai botnet, which harnessed infected, internet-connected devices such as DVR players and digital cameras [49578]. The attack targeted the infrastructure providers in Liberia, causing websites inside the country to be rendered unavailable outside as well. The attack involved a massive volume of traffic, with attacks over 600gbps aimed at companies owning the only fiber going into Liberia [49578].
(b) The software failure incident is also related to software factors as the Mirai botnet, which was used in the attack, is a type of malware that infects IoT devices and turns them into bots that can be controlled remotely to launch DDoS attacks [49578]. The Mirai botnet is open source, allowing anyone with the necessary knowledge to use it for malicious purposes. The specific Mirai botnet used in the attack on Liberia was named Botnet 14 14, and it was actively tweeting messages picked up on the botnet [49578]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident in Liberia was malicious in nature. The incident involved a distributed denial of service (DDoS) attack using the Mirai botnet, which was directed at the internet infrastructure of Liberia with the intent to disrupt services and render websites unavailable. The attack was described as massive, with traffic volumes exceeding 600gbps and targeting specific companies that co-own the fiber infrastructure of Liberia. The attack was compared to a previous attack on Dyn, a domain name service provider, which brought down major internet services in Europe and the US. The attack was attributed to a botnet named Botnet 14 14, with threatening messages being automatically tweeted from the botnet's account [@MiraiAttacks]. The incident raised concerns about the capabilities of the attacker to impact systems in a nation state, indicating a malicious intent behind the software failure incident [49578].
(b) There is no information in the articles to suggest that the software failure incident in Liberia was non-malicious. The incident was clearly described as a targeted DDoS attack using the Mirai botnet, indicating a deliberate effort to disrupt internet services in Liberia. The attack was characterized by its massive scale and the specific targeting of companies with critical infrastructure, pointing towards a malicious intent behind the software failure incident [49578]. |
| Intent (Poor/Accidental Decisions) |
unknown |
(a) The intent of the software failure incident:
The incident involving the Mirai botnet targeting Liberia's internet infrastructure was not due to poor decisions but rather a deliberate and malicious act by hackers. The attackers used the botnet to launch distributed denial of service (DDoS) attacks on Liberia, causing a significant disruption to the country's internet services. The attack was aimed at specific companies in Liberia, indicating a targeted and intentional effort to disrupt the nation's connectivity [49578].
(b) The intent of the software failure incident:
The software failure incident in Liberia was not accidental but a result of deliberate actions by hackers utilizing the Mirai botnet to carry out DDoS attacks. The attackers targeted specific companies in Liberia, indicating a purposeful intent to disrupt the country's internet infrastructure. The attack was part of a series of continued assaults on Liberia, demonstrating a planned and coordinated effort to cause disruption and render websites inaccessible [49578]. |
| Capability (Incompetence/Accidental) |
unknown |
(a) The software failure incident in the article is not attributed to development incompetence. The incident was caused by hackers using the Mirai botnet to launch a distributed denial of service (DDoS) attack on the internet infrastructure of Liberia [49578].
(b) The software failure incident in the article is not accidental. It was a deliberate attack orchestrated by hackers using the Mirai botnet to disrupt the internet services in Liberia through a massive DDoS attack [49578]. |
| Duration |
temporary |
(a) The software failure incident in Liberia caused by the Mirai botnet attacks can be considered temporary. The attacks have been ongoing over the past seven days, indicating that the disruption is not permanent [49578]. The attacks have rendered websites inside the country unavailable outside as well, suggesting a temporary impact on internet services [49578]. |
| Behaviour |
byzantine |
(a) crash: The software failure incident in the article is not described as a crash where the system loses state and does not perform any of its intended functions [49578].
(b) omission: The failure in the article is not due to the system omitting to perform its intended functions at an instance(s) [49578].
(c) timing: The failure in the article is not due to the system performing its intended functions correctly, but too late or too early [49578].
(d) value: The failure in the article is not due to the system performing its intended functions incorrectly [49578].
(e) byzantine: The software failure incident in the article is related to a distributed denial of service (DDoS) attack using the Mirai botnet, causing the internet infrastructure of Liberia to be brought to a halt. The attack involved a network of infected computers bombarding the target with traffic, overloading its servers. The attack was massive, with traffic over 600gbps aimed at specific companies in Liberia, rendering websites inside the country unavailable outside as well. The incident involved inconsistent responses and interactions due to the malicious nature of the attack [49578].
(f) other: The software failure incident in the article involves a DDoS attack using the Mirai botnet, which is a form of cyber-attack rather than a traditional software failure like a crash or omission. The attack was orchestrated by hackers targeting the internet infrastructure of Liberia, causing widespread disruption. The incident is more aligned with a cybersecurity incident rather than a typical software failure [49578]. |