Mirai #14’s Daniel Kaye Jailed for sending Liberia Offline
A British cyber criminal who carried out an attack so powerful it knocked a nation offline has been jailed.
Daniel Kaye admitted attacking an African phone company – inadvertently crashing Liberia’s internet – in 2016.
The 29-year-old remains at the heart of a major international investigation into hundreds of acts of cyber sabotage around the world.
The National Crime Agency says Kaye is perhaps the most significant cyber criminal yet caught in the UK.
Jailing Kaye for 32 months at Blackfriars Crown Court in London, Judge Alexander Milne QC said Kaye had committed a “cynical” financial crime.
He added: “Paradoxically, what is urged on your behalf is that you are an intelligent young man who knows what your powers can do.
“But that makes it all the more worrying that you used your abilities to carry out this attack.”
Kaye wept as he was taken down.
Who is Daniel Kaye?
Kaye, from Egham in Surrey, is a self-taught hacker who began selling his considerable skills on the dark web – offering individuals opportunities to target and destroy their business rivals.
According to court papers, Kaye was hired in 2015 to attack Lonestar, Liberia’s leading mobile phone and internet company, by an individual working for Cellcom, its competitor.
There is no suggestion that Cellcom knew what the employee was doing – but the individual offered Kaye up to $10,000 (£7,800) a month to use his skills to do as much as possible to destroy Lonestar’s service and reputation.
Robin Sellers, prosecuting, told Blackfriars Crown Court that in November 2016 Kaye had built a “botnet” – a particularly powerful form of cyber attack that is designed to overwhelm a target’s systems, making it impossible to carry out normal business.
This type of attack is known as a Distributed Denial of Service (DDOS). It is different to a ransom demand that locks up systems, such as the “Wannacry” attack on the NHS.
What did Kaye’s botnet do?
The weapon, known as “Mirai #14” worked by secretly hijacking a vast number of Chinese-made Dahua webcams, which are used for security in homes and businesses around the world.
He identified that the cheap cameras and other similar equipment had a security flaw – and he exploited that to take over the devices without owners knowing.
That meant he could turn them into what amounted to a “zombie” cyber army to attack his target.
In November 2016, working secretly out of Cyprus and controlling the botnet via his mobile phone, Kaye ordered it to overwhelm Lonestar’s systems.
On his command, hundreds of thousands of the webcams began firing data requests at the west African company.
The system began to struggle to manage the demands and parts of the infrastructure crashed.
He then tried to pull in additional firepower by sending further attacks from Germany, where he had sought to hijack part of Deutsche Telekom’s national infrastructure.
Researchers found that at the peak of the attack, the Mirai #14 code had compromised about one million devices worldwide.
In Liberia, mobile phone users began to see their devices go offline.
The company called in cyber security consultants who attempted to repel the attack, but by that point it was too late because the botnet ran out of control.