BBC server took over by Russian cybercriminal

The hacker, nicknamed "HASH", tried to sell access to the corporation's data on Christmas Day
  • Sam Shead (Techworld)
  • — 31 December, 2013 08:57

A Russian hacker gained access to a BBC server over the Christmas period and attempted to sell access to it to other cybercriminals, reports suggest.

US firm Hold Security told Reuters and the Financial Times that it had spotted the hacker advertising the exploit on an underground cybercrime forum.

The BBC's security team responded to the incident on Saturday and told Reuters that they have since secured the site. However, it's not clear whether a sale was made before the exploit was addressed.

The media organisation refused to discuss the breach, claiming that it does not comment on security issues.

The attacked server was an FTP server, which would typically be used to manage the transfer of large data files over the Internet.

Justin Clarke, a principal consultant for cybersecurity firm Cylance, told Reuters that while the hacker was only offering access to an obscure FTP server, some buyers might see it as a stepping stone to more valuable information within the BBC.

"Accessing that server establishes a foothold within the BBC's network which may allow an attacker to pivot and gain further access to internal BBC resources," he told Reuters.

Alex Holden, chief information security officer at Hold Security, said that the hacker, who is nicknamed "HASH" and "Rev0lver," tried to convince other cyber criminals that he had infiltrated the site by showing them files that could only be accessed by somebody who had access to the server.

The BBC's computer systems have been targeted by cybercriminals before. Earlier this year, the official BBC weather Twitter account and the BBC Arabic Twitter account were hijacked for almost three hours by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad.

Tags: Cylance, BBC, Reuters, security, financial times

Reverse Heartbleed puts your PC and devices at risk of OpenSSL attack

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Security and Data Protection

Protect your computers and data.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.