Liberia has been repeatedly cut off from the internet by hackers targeting its only link to the global network.
Recurrent attacks up to 3 November flooded the cable link with data, making net access intermittent.
Researchers said the attacks showed hackers trying different ways to use massive networks of hijacked machines to overwhelm high-value targets.
Experts said Liberia was attacked by the same group that caused web-wide disruption on 21 October.
Those attacks were among the biggest ever seen and made it hard to reach big web firms such as Twitter, Spotify and Reddit.
The attacks were the first to send overwhelming amounts of data from weakly protected devices, such as webcams and digital video recorders, that had been enrolled into what is known as a botnet.
A botnet variant called Mirai was identified by security firms as being the tool used to find and compromise the insecure devices.
The source code for Mirai has been widely shared and many malicious hacker groups have used it to seek out vulnerable devices they can take over and use to mount what are known as Distributed Denial of Service (DDoS) attacks.
“There’re multiple different botnets, each with a different owner,” said security researcher Kevin Beaumont. “Many are very low-skilled. Some are much better.”