Hacker took over BBC server, tried to ‘sell’ access on Christmas Day

A BBC logo is seen on the side of a British Broadcasting Corporation (BBC) building on March 2, 2005 in London, England. Credit: Getty Images
A BBC logo is seen on the side of a British Broadcasting Corporation (BBC) building on March 2, 2005 in London, England. Credit: Getty Images

A hacker secretly took over a computer server at the BBC, Britain’s public broadcaster, and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system.

While it is not known if the hacker found any buyers, the BBC’s security team responded to the issue on Saturday and believes it has secured the site, according to a person familiar with the cleanup effort.

A BBC spokesman declined to discuss the incident. “We do not comment on security issues,” he said.

Reuters could not determine whether the hackers stole data or caused any damage in the attack, which compromised a server that manages an obscure password-protected website.

It was not clear how the BBC, the world’s oldest and largest broadcaster, uses that site, ftp.bbc.co.uk, though ftp systems are typically used to manage the transfer of large data files over the Internet.

The attack was first identified by Hold Security LLC, a cybersecurity firm in Milwaukee that monitors underground cyber-crime forums in search of stolen information.

The firm’s researchers observed a notorious Russian hacker known by the monikers “HASH” and “Rev0lver,” attempting to sell access to the BBC server on December 25, the company’s founder and chief information security officer, Alex Holden, told Reuters.

“HASH” sought to convince high-profile hackers that he had infiltrated the site by showing them files that could only be accessed by somebody who really controlled it, Holden said.

So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC, Holden said.

It is common for hackers to buy and sell access to compromised servers on underground forums.

Buyers view the access as a commodity that grants them the chance to further penetrate the victim organization. They can also use compromised servers to set up command-and-control centers for cyber-crime operations known as botnets, run spam campaigns or launch denial of service attacks to knock websites off line.

The BBC offer stands out because the media company is such a high-profile organization, Holden said. “It’s definitely a notch in someone’s belt.”

BBC has some 23,000 staff and is funded largely by license fees paid by every British household with a television.

Justin Clarke, a principal consultant for the cybersecurity firm Cylance Inc, said that while “HASH” was only offering access to an obscure ftp server, some buyers might see it as a stepping stone to more prized assets within the BBC.

“Accessing that server establishes a foothold within BBC’s network which may allow an attacker to pivot and gain further access to internal BBC resources,” he said.

Media companies, including the BBC, have repeatedly been targeted by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, and other hacker activist groups that deface websites and take over Twitter accounts.

Last January the New York Times reported that it had been repeatedly attacked over four months by Chinese hackers who obtained employees’ passwords.

 



News
Entertainment
Sports
Lifestyle
National

Sister of accused Boston Marathon bombers arrested for…

The sister of the accused Boston Marathon bombers was arrested in New York City for threatening a woman over the phone, saying she could "put a bomb on you," police…

Local

Mayor announces public housing improvements

Mayor Bill de Blasio spoke at the Lincoln Houses in East Harlem on Wednesday, calling for the scaffolding to come down at NYCHA complexes across…

National

Peter Theo Curtis: American released by Syrian militants…

An American writer freed this week from two years in the captivity of insurgents in Syria spoke briefly outside his family's Cambridge home Wednesday of…

Local

Bratton defends 'broken windows' work as NYPD support…

Sixty percent of those polled said they support the "broken windows" theory approach popularized by Commissioner Bratton since his first term in the 1990s.

Television

'So You Think You Can Dance' recap: Season…

Season 11’s top four dancers gave their final performances before America’s Favorite Dancers are announced next week.

Going Out

Labor Day in NYC: Make the last weekend…

Soon, it’ll be time for wool accessories and knee-high boots. Even the Pumpkin Spice Latte has already arrived — but we still have one last…

Going Out

Things to do this week in NYC, Aug.…

MUSIC The Electric Zoo Festival Aug. 29-31, 1 p.m. Randall’s Island Park $99-$369, www.electriczoofestival.com The electronic music celebration returns for a fifth year, with 150,000 attendees…

Going Out

5 things to do this weekend in NYC

The Electric Zoo Festival Aug. 29-31, 1 p.m. Randall’s Island Park $99-$369, www.electriczoofestival.com The electronic music celebration returns for a fifth year, with 150,000 attendees expected. David Guetta,…

NFL

Mario Manningham on the bubble as Giants play…

Former Super Bowl hero Mario Manningham hopes his second go-around with Big Blue doesn’t end with Saturday’s final cut day.

NFL

Source: Stephen Hill 'faces a battle' to make…

A team source says Stephen Hill, who has battled injuries and poor performances during his first two years, is no lock to make the Jets’ final roster.

Sports

Serena Williams leaving legacy of talented American women…

It seems only a matter of when, not if, Serena Williams will win her 18th career grand slam championship.

College

When are 2014 college football playoffs? (Schedule, date,…

When and where are 2014 college football playoffs? A look at the schedule, date, TV, time for the semi-finals at championship game.

Food

Recipe: Samuel Adams beer-marinated grilled shrimp

Summer calls for two things: a cold beer and light food. Sam Adams' Latitude 48 IPA fairly bursts with citrus notes, making it an ideal marinade…

Wellbeing

4 healthy ingredient swaps to make your meals…

When it comes to eating well, everyone knows they could be doing better. But cooking in an apartment on a busy schedule is a recipe…

Wellbeing

Heart trumps brain when it comes to movies…

When you need a good cry, do you reach for the movie that’s “based on a true story”? Science says you’re giving your brain far…

Sex

The 10 types of people you meet online

Does it ever seem like online dating profiles tend to get a little repetitive? It turns out you are not the only one to have…