The world’s largest and oldest broadcaster, the British Broadcasting Company (BBC), became the next victim of cyber attack as their servers were accessed by a Russian hacker on Christmas Day, according to recent articles published by both Reuters and The Hosting News (THN). The article by THN indicated that the hacker accessed the British broadcaster’s servers “through an ftp system which is typically used for transferring large data files.”
According to the Reuters report, the “notorious” hacker, known by his online names, “HASH” and “RevOlver“, used the accessed files and information to “convince high-profile hackers that the site had been infiltrated, in which he then attempted to sell data from the site in a campaign to other cyber criminals.” Hold Security LLC., a cyber-security firm based in Milwaukee, found out about the attack while monitoring an “underground cyber-crime forum” but have no evidence which confirms any of the BBC’s data actually being sold, according to the article.
Hold Security’s founder and Chief Information and Security officer Alex Holden was quoted in the Reuters article to say, “The BBC offer stands out because the media company is such a high-profile organization…It’s definitely a notch in someone’s belt.” Holden went on to say in the article that this hacker tried to “convince high-profile hackers” by “showing them files that could only be accessed by somebody” who truly “controlled” the site. Justin Clarke, a principal consultant for the cyber-security firm Cylance Inc., was quoted in the Reuter’s article to say,”While HASH was only offering access to an obscure ftp server, some buyers might see it as a stepping stone to more prized assets within the BBC. Accessing that server establishes a foothold within BBC’s network which may allow an attacker to pivot and gain further access to internal BBC resources.”