News

BBC server taken over by Russian cybercriminal

bbc-tvcA Russian hacker gained access to a BBC server over the Christmas period and attempted to sell access to it to other cybercriminals, reports suggest.

US firm Hold Security told Reuters and the Financial Times that it had spotted the hacker advertising the exploit on an underground cybercrime forum.

The BBC’s security team responded to the incident on Saturday and told Reuters that they have since secured the site. However, it’s not clear whether a sale was made before the exploit was addressed.

The media organisation refused to discuss the breach, claiming that it does not comment on security issues.

The attacked server was an FTP server, which would typically be used to manage the transfer of large data files over the Internet.

Justin Clarke, a principal consultant for cybersecurity firm Cylance, told Reuters that while the hacker was only offering access to an obscure FTP server, some buyers might see it as a stepping stone to more valuable information within the BBC.

“Accessing that server establishes a foothold within the BBC’s network which may allow an attacker to pivot and gain further access to internal BBC resources,” he told Reuters.

Alex Holden, Chief Information Security Officer, Hold Security, said that the hacker, who is nicknamed “HASH” and “Rev0lver,” tried to convince other cyber criminals that he had infiltrated the site by showing them files that could only be accessed by somebody who had access to the server.

The BBC’s computer systems have been targeted by cybercriminals before. Earlier this year, the official BBC weather Twitter account and the BBC Arabic Twitter account were hijacked for almost three hours by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad.

 

 

Originally published on Techworld.com. Reprinted with permission from IDG.net. Story copyright 2024 International Data Group. All rights reserved.
Previous ArticleNext Article

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

GET TAHAWULTECH.COM IN YOUR INBOX

The free newsletter covering the top industry headlines