A few options:

- testing in preparation for a future attack

- proof of capability ("Nice network you have there. It'd be a shame if something happened to it")

- misfire ('What happens when I push this button that says "don't push"?')

Maybe someone was interested in buying the services, and the creator need to prove the capabilities. I'm sure there's other reasons too.

I was thinking reconn...but the other reasons cited by others here seem totally viable too.