The article is confusing several data points into one:<p><pre><code> * Schneier's article[1] detailing what seem like "test attacks", to discover how to take the internet down,
* The attack against Brian Krebs[2], using the Mirai botnet
* The attack against Dyn[3], also using Mirai
</code></pre>
The article implies that all three points are related into a single story. But Schneier himself suggested that his report and the attack on Dyn are not related, and that it was more of a coincidence [4]. Krebs suggested that Mirai may have been released intentionally to hide the creators among a sea of attacks [5].<p>Whoever is probing the internet is (probably) a state actor, while Mirai is used by "regular" users. These are three separated events, and not a growing campaign against the US elections.<p>[1] <a href="https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html" rel="nofollow">https://www.schneier.com/blog/archives/2016/09/someone_is_le...</a><p>[2] <a href="https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/" rel="nofollow">https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with...</a><p>[3] <a href="https://www.schneier.com/blog/archives/2016/10/ddos_attacks_ag.html" rel="nofollow">https://www.schneier.com/blog/archives/2016/10/ddos_attacks_...</a><p>[4] <a href="https://www.schneier.com/blog/archives/2016/10/ddos_attacks_ag.html" rel="nofollow">https://www.schneier.com/blog/archives/2016/10/ddos_attacks_...</a><p>[5] <a href="https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/" rel="nofollow">https://krebsonsecurity.com/2016/10/source-code-for-iot-botn...</a>