BBC server took over by Russian cybercriminal
- — 31 December, 2013 08:57
A Russian hacker gained access to a BBC server over the Christmas period and attempted to sell access to it to other cybercriminals, reports suggest.
The BBC's security team responded to the incident on Saturday and told Reuters that they have since secured the site. However, it's not clear whether a sale was made before the exploit was addressed.
The media organisation refused to discuss the breach, claiming that it does not comment on security issues.
The attacked server was an FTP server, which would typically be used to manage the transfer of large data files over the Internet.
Justin Clarke, a principal consultant for cybersecurity firm Cylance, told Reuters that while the hacker was only offering access to an obscure FTP server, some buyers might see it as a stepping stone to more valuable information within the BBC.
"Accessing that server establishes a foothold within the BBC's network which may allow an attacker to pivot and gain further access to internal BBC resources," he told Reuters.
Alex Holden, chief information security officer at Hold Security, said that the hacker, who is nicknamed "HASH" and "Rev0lver," tried to convince other cyber criminals that he had infiltrated the site by showing them files that could only be accessed by somebody who had access to the server.
The BBC's computer systems have been targeted by cybercriminals before. Earlier this year, the official BBC weather Twitter account and the BBC Arabic Twitter account were hijacked for almost three hours by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad.