Hackers offer access to BBC to other cyber criminals
While it is not known if the hacker found any buyers, the BBC’s security team responded to the issue on Saturday and believes it has secured the site, according to a person familiar with the clean-up effort.
A BBC spokesman declined to discuss the incident. “We do not comment on security issues,” he said.
Reuters could not determine whether the hackers stole data or caused any damage in the attack, which compromised a server that manages an obscure password-protected website.
It was not clear how the BBC, the world’s oldest and largest broadcaster, uses that site, ftp.bbc.co.uk, though ftp systems are typically used to manage the transfer of large data files over the internet.
The attack was first identified by Hold Security, a cybersecurity firm in Milwaukee that monitors underground cyber-crime forums in search of stolen information.
The firm’s researchers observed a notorious Russian hacker known by the monikers HASH and Rev0lver attempting to sell access to the BBC server on Dec 25, the company’s founder and chief information security officer, Alex Holden, told Reuters.
HASH sought to convince high-profile hackers that he had infiltrated the site by showing them files that could only be accessed by somebody who really controlled it, Holden said.
So far, Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC.
It is common for hackers to buy and sell access to compromised servers on underground forums.
Buyers view the access as a commodity that grants them the chance to further penetrate the victim organisation. They can use compromised servers to set up command-and-control centres for cybercrime operations known as botnets, run spam campaigns, or launch denial of service attacks to knock websites offline.
The BBC offer stands out because the media company is such a high-profile organisation, Holden said. “It’s definitely a notch in someone’s belt.”
BBC has some 23,000 staff and is funded largely by license fees paid by every British household with a television.
Justin Clarke, a principal consultant for the cybersecurity firm Cylance, said that while HASH was only offering access to an obscure ftp server, some buyers might see it as a stepping stone to more prized assets within the BBC.
“Accessing that server establishes a foothold within BBC’s network which may allow an attacker to pivot and gain further access to internal BBC resources,” he said.
Media companies, including the BBC, have repeatedly been targeted by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, and other hacker activist groups that deface websites and take over Twitter accounts.
Last January the New York Times reported that it had been repeatedly attacked over four months by Chinese hackers who obtained employees’ passwords.
Reuters




