Hacker took over BBC server, tried to ‘sell’ access on Christmas Day

A BBC logo is seen on the side of a British Broadcasting Corporation (BBC) building on March 2, 2005 in London, England. Credit: Getty Images
A BBC logo is seen on the side of a British Broadcasting Corporation (BBC) building on March 2, 2005 in London, England. Credit: Getty Images

A hacker secretly took over a computer server at the BBC, Britain’s public broadcaster, and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system.

While it is not known if the hacker found any buyers, the BBC’s security team responded to the issue on Saturday and believes it has secured the site, according to a person familiar with the cleanup effort.

A BBC spokesman declined to discuss the incident. “We do not comment on security issues,” he said.

Reuters could not determine whether the hackers stole data or caused any damage in the attack, which compromised a server that manages an obscure password-protected website.

It was not clear how the BBC, the world’s oldest and largest broadcaster, uses that site, ftp.bbc.co.uk, though ftp systems are typically used to manage the transfer of large data files over the Internet.

The attack was first identified by Hold Security LLC, a cybersecurity firm in Milwaukee that monitors underground cyber-crime forums in search of stolen information.

The firm’s researchers observed a notorious Russian hacker known by the monikers “HASH” and “Rev0lver,” attempting to sell access to the BBC server on December 25, the company’s founder and chief information security officer, Alex Holden, told Reuters.

“HASH” sought to convince high-profile hackers that he had infiltrated the site by showing them files that could only be accessed by somebody who really controlled it, Holden said.

So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC, Holden said.

It is common for hackers to buy and sell access to compromised servers on underground forums.

Buyers view the access as a commodity that grants them the chance to further penetrate the victim organization. They can also use compromised servers to set up command-and-control centers for cyber-crime operations known as botnets, run spam campaigns or launch denial of service attacks to knock websites off line.

The BBC offer stands out because the media company is such a high-profile organization, Holden said. “It’s definitely a notch in someone’s belt.”

BBC has some 23,000 staff and is funded largely by license fees paid by every British household with a television.

Justin Clarke, a principal consultant for the cybersecurity firm Cylance Inc, said that while “HASH” was only offering access to an obscure ftp server, some buyers might see it as a stepping stone to more prized assets within the BBC.

“Accessing that server establishes a foothold within BBC’s network which may allow an attacker to pivot and gain further access to internal BBC resources,” he said.

Media companies, including the BBC, have repeatedly been targeted by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, and other hacker activist groups that deface websites and take over Twitter accounts.

Last January the New York Times reported that it had been repeatedly attacked over four months by Chinese hackers who obtained employees’ passwords.

 



News
Entertainment
Sports
Lifestyle
National

Sprint and T-Mobile offer further price discounts

Sprint unveiled a plan on Thursday that gives subscribers access to unlimited data for $60 a month, the industry's cheapest unlimited data offering.

National

Hundreds pay it forward at Florida Starbucks in…

The spontaneous chain of kindness continued for about 11 hours, totaling 457 transactions by the time it ended.

National

Weather system east of Caribbean could turn into…

An area of low pressure located east of the Caribbean Sea has a 50 percent chance of becoming a tropical depression or storm in the next 48 hours, U.S. forecasters…

National

U.S. hospital to discharge doctor treated with experimental…

An American doctor who contracted Ebola treating victims of the deadly virus in Liberia has recovered and will be discharged on Thursday by the Atlanta hospital that treated him with…

Music

polyphonic

Movies

Review: 'When the Game Stands Tall' is both…

The high school football saga "When the Game Stands Tall" fumbles around for a focus while Jim Caviezel offers the most low-key coach in history.

Movies

Girlfriend in a coma: Chloe Grace Moretz

Chloe Grace Moretz is the best cheerleader "If I Stay" could ask for. As the star of the film adaptation of the successful YA novel…

The Word

The Word: Summer lovin' for Zac Efron and…

Ah, the summer romance. So intense, so fleeting. With Labor Day fast approaching, it should come as little surprise that the incredibly surprising romance between…

NFL

Fantasy football draft guide: How to draft your…

Many are wondering if we’re entering a new age in fantasy football drafting — one where running backs take a backseat.

NFL

Jets vs. Giants: 3 Giants storylines to watch

The Giants have plenty to work on as they reach the dress rehearsal preseason game Friday night against the rival Jets.

NFL

Jets vs. Giants: 3 Jets storylines to watch

Metro looks at three Jets storylines to watch as they play the Giants Friday.

NFL

Giants expected to work Corey Washington into first-team…

The day of reckoning for the Giants' fringe players will fall upon them Friday night against the Jets.

Sex

Big weddings may lead to long-term happiness

Dreaming of a big wedding? A new study indicates that the longer your guest list, the happier you’ll be in the long run. l A…

Sex

Online dating for every generation

Frank Jackson and his mother Maggie are like lots of modern families: They have dinner together regularly, keep each other updated on their lives —…

Wellbeing

Going green could be the key to getting…

If we could just pursue the things that would actually make us happy, we could help the environment too, according to a New York researcher.…

Tech

Siren: A new dating app that puts women…

Online dating can be brutal, especially for single women. Noting that many women hate wading through inappropriate messages and photos, two tech entrepreneurs decided to…