Hacker took over BBC server, tried to ‘sell’ access on Christmas Day

A BBC logo is seen on the side of a British Broadcasting Corporation (BBC) building on March 2, 2005 in London, England. Credit: Getty Images
A BBC logo is seen on the side of a British Broadcasting Corporation (BBC) building on March 2, 2005 in London, England. Credit: Getty Images

A hacker secretly took over a computer server at the BBC, Britain’s public broadcaster, and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system.

While it is not known if the hacker found any buyers, the BBC’s security team responded to the issue on Saturday and believes it has secured the site, according to a person familiar with the cleanup effort.

A BBC spokesman declined to discuss the incident. “We do not comment on security issues,” he said.

Reuters could not determine whether the hackers stole data or caused any damage in the attack, which compromised a server that manages an obscure password-protected website.

It was not clear how the BBC, the world’s oldest and largest broadcaster, uses that site, ftp.bbc.co.uk, though ftp systems are typically used to manage the transfer of large data files over the Internet.

The attack was first identified by Hold Security LLC, a cybersecurity firm in Milwaukee that monitors underground cyber-crime forums in search of stolen information.

The firm’s researchers observed a notorious Russian hacker known by the monikers “HASH” and “Rev0lver,” attempting to sell access to the BBC server on December 25, the company’s founder and chief information security officer, Alex Holden, told Reuters.

“HASH” sought to convince high-profile hackers that he had infiltrated the site by showing them files that could only be accessed by somebody who really controlled it, Holden said.

So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC, Holden said.

It is common for hackers to buy and sell access to compromised servers on underground forums.

Buyers view the access as a commodity that grants them the chance to further penetrate the victim organization. They can also use compromised servers to set up command-and-control centers for cyber-crime operations known as botnets, run spam campaigns or launch denial of service attacks to knock websites off line.

The BBC offer stands out because the media company is such a high-profile organization, Holden said. “It’s definitely a notch in someone’s belt.”

BBC has some 23,000 staff and is funded largely by license fees paid by every British household with a television.

Justin Clarke, a principal consultant for the cybersecurity firm Cylance Inc, said that while “HASH” was only offering access to an obscure ftp server, some buyers might see it as a stepping stone to more prized assets within the BBC.

“Accessing that server establishes a foothold within BBC’s network which may allow an attacker to pivot and gain further access to internal BBC resources,” he said.

Media companies, including the BBC, have repeatedly been targeted by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, and other hacker activist groups that deface websites and take over Twitter accounts.

Last January the New York Times reported that it had been repeatedly attacked over four months by Chinese hackers who obtained employees’ passwords.

 


News
Entertainment
Sports
Lifestyle
Local

Monday is the deadline to register for Pennsylvania…

If residents want to vote in the May primary, which includes a vote for a new City Council member, today is the deadline to register.

National

Miss America thinks school should reconsider discipline of…

A Pa. student was suspended for asking Miss America to prom.

Local

Aria Health Torresdale workers caught selling prescription drugs

Two Aria Health at Torresdale employees were fired amid accusations they sold prescription drugs out of the Northeast Philadelphia campus.

National

Rubin 'Hurricane' Carter died Sunday from prostate cancer…

Former U.S. professional boxer Rubin "Hurricane" Carter, who spent 19 years in prison for murder and then was released after it was determined he did not get a fair trial,…

Television

'Game of Thrones' recap: Season 4, Episode 3,…

The problem with the devil you know is that ignoring them doesn’t mean they simply lie in wait. It allows them time to do things…

Television

Discovery cancels 'Everest Jump Live' special in wake…

The Discovery Channel has indicated it will not be moving forward with "Everest Jump Live," a planned special about mountain climber Joby Ogwyn's effort to…

The Word

'X-Men' director Bryan Singer drama continues

  News broke late last week that "X-Men" and "The Usual Suspects" director Bryan Singer is being sued by a man who said Singer molested…

The Word

Miley Cyrus cancels more dates, tweeting from hospital

Miley Cyrus is reportedly so sick that she's had to postpone more tour dates. We know this because she has been sitting in a hospital…

NHL

Ray Emery steps up in Flyers’ Game 2…

Sure, he allowed two goals in the Rangers’ first four shots Sunday afternoon, but it’s about how you start, not how you finish.

NHL

Flyers come from behind, even series with Rangers

The Flyers overcame a two-goal deficit to get a much-needed win at Madison Square Garden Sunday.

MLB

Phillies get set for four against the Dodgers

The Phillies will face tough starting pitching out west against the Dodgers this week.

MLB

Phillies notebook: Cole Hamels returns this week

The Phillies should receive a big boost when Cole Hamels returns during the Dodgers series.

Travel

Packing: The one thing you need in your…

A new survey that looks at the travel habits of 50,000 people around the world has revealed that Western and Asian globetrotters have different priorities…

Home

Is your chair making it hard to talk?

Ever wished there was an office chair that could make impromptu meetings and discussions more private? The Cristiana Wing Chair is an asymmetrical armchair which…

Travel

Live large at these luxury hotels

From Thai boxing lessons and macabre Dracula tours to the Australian Outback, the Four Seasons hotel chain launched a series of new travel packages this…

Parenting

4 things that every summer camp should have

Alan Saltz, director of the 92nd street Y program lists things that every summer camp should have.