Hacker took over BBC server, tried to ‘sell’ access on Christmas Day

A BBC logo is seen on the side of a British Broadcasting Corporation (BBC) building on March 2, 2005 in London, England. Credit: Getty Images
A BBC logo is seen on the side of a British Broadcasting Corporation (BBC) building on March 2, 2005 in London, England. Credit: Getty Images

A hacker secretly took over a computer server at the BBC, Britain’s public broadcaster, and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system.

While it is not known if the hacker found any buyers, the BBC’s security team responded to the issue on Saturday and believes it has secured the site, according to a person familiar with the cleanup effort.

A BBC spokesman declined to discuss the incident. “We do not comment on security issues,” he said.

Reuters could not determine whether the hackers stole data or caused any damage in the attack, which compromised a server that manages an obscure password-protected website.

It was not clear how the BBC, the world’s oldest and largest broadcaster, uses that site, ftp.bbc.co.uk, though ftp systems are typically used to manage the transfer of large data files over the Internet.

The attack was first identified by Hold Security LLC, a cybersecurity firm in Milwaukee that monitors underground cyber-crime forums in search of stolen information.

The firm’s researchers observed a notorious Russian hacker known by the monikers “HASH” and “Rev0lver,” attempting to sell access to the BBC server on December 25, the company’s founder and chief information security officer, Alex Holden, told Reuters.

“HASH” sought to convince high-profile hackers that he had infiltrated the site by showing them files that could only be accessed by somebody who really controlled it, Holden said.

So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC, Holden said.

It is common for hackers to buy and sell access to compromised servers on underground forums.

Buyers view the access as a commodity that grants them the chance to further penetrate the victim organization. They can also use compromised servers to set up command-and-control centers for cyber-crime operations known as botnets, run spam campaigns or launch denial of service attacks to knock websites off line.

The BBC offer stands out because the media company is such a high-profile organization, Holden said. “It’s definitely a notch in someone’s belt.”

BBC has some 23,000 staff and is funded largely by license fees paid by every British household with a television.

Justin Clarke, a principal consultant for the cybersecurity firm Cylance Inc, said that while “HASH” was only offering access to an obscure ftp server, some buyers might see it as a stepping stone to more prized assets within the BBC.

“Accessing that server establishes a foothold within BBC’s network which may allow an attacker to pivot and gain further access to internal BBC resources,” he said.

Media companies, including the BBC, have repeatedly been targeted by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, and other hacker activist groups that deface websites and take over Twitter accounts.

Last January the New York Times reported that it had been repeatedly attacked over four months by Chinese hackers who obtained employees’ passwords.

 


News
Entertainment
Sports
Lifestyle
News

OMG! Exercise can make skin (and butt) look…

A moderate exercise regime can turn back time and actually reverse the skin's aging process, according to new research. The study showed that a minimum…

News

Mets mascot Mr. Met target of Bill Clinton…

Mets mascot Mr. Met has told how he ended up in the crosshairs of a Secret Service sniper rifle. The man behind the Mr. Met…

International

Jews in eastern Ukraine ordered to register, Kerry…

Secretary of State John Kerry condemned reports that Jews in eastern Ukraine had been ordered to register with the authorities "or suffer the consequences."

National

Chelsea Clinton pregnant with first child

Chelsea Clinton is pregnant with her first child.

Television

'Scandal' recap: Season 3, Episode 18, 'The Price…

Sally is Jesus, Olivia caused global warming, and Mellie's still drunk. Let's recap the Scandal finale. A church full of Washington insiders is about to…

Movies

Review: 'Transcendence' is not stupid but sometimes lacks…

The cyberthriller "Transcendence" explores artificial intelligence, nanotechnology and other ethical quandaries, but has too much ambition, if anything.

Television

Dick Wolf to bring fictionalized world of 'Law…

A&E has ordered a pilot called "D.O.A." from "Law and Order" mastermind Dick Wolf that will focus on real detectives reexamining cold cases. A trio…

Television

Shane West talks WGN America's 'Salem'

The actor on history lessons, a new network and showing his butt.

MLB

MLB video highlights: Red Sox score two in…

Lester shines in Red Sox win over White Sox

Sports

2014 Boston Marathon preview: Elite American, International runners…

2014 Boston Marathon: Elite American, International runners to watch

NBA

2014 NBA Finals odds: Ranking which playoff teams…

2014 NBA Finals odds: Ranking which playoff teams have the best shot at a championship. The Thunder, Clippers, Heat and Rockets lead the way.

NFL

2014 Patriots, full NFL schedule release date announced

2014 Patriots, full NFL schedule release date announced

Style

Light-up nail art syncs with phone

This Japanese technology syncs light-up nail art with your phone.

Wellbeing

Why is dance cardio taking off in NYC?

Instructors at some of the city's hottest classes explain why.

Travel

Earth Day travel in the Florida Keys

See why this eco-friendly destination deserves your attention.

Tech

Sorry, Facebook — FarmVille goes mobile with 'Country…

Zynga has released a version of the hit "FarmVille" tailored for smartphones and tablets in the hope of reaping a bumper crop of players.