December 30, 2013
Hacker Infiltrates, Attempts To Sell Access To BBC FTP Server
redOrbit Staff & Wire Reports – Your Universe Online
A hacker reportedly managed to gain access to a computer server at the BBC sometime on or before Christmas Day, and then tried to sell access to the public broadcasting station’s network over the holidays.The cyber attack was initially discovered by Milwaukee-based Hold Security and first reported by Reuters on Sunday. It is not known whether the individual responsible for the attack, a “notorious” Russian hacker identified by the news agency as “HASH” and “Rev0lver,” was able to find any takers for his scheme.
Jim Finkle, author of the Reuters report, said that the network’s cybersecurity personnel responded to the incident on Saturday, and a person familiar with their efforts said that it is believed that the server is once again secure. BBC representatives declined to discuss the matter, telling Finkle that they “do not comment on security issues.”
The news agency reported that they were unable to determine whether hackers were able to gain access to stored data or cause any network damage on the server, which manages “an obscure password-protected website.” The exact use of the website, ftp.bbc.co.uk, is unclear, though Finkle noted that FTP servers “are typically used to manage the transfer of large data files over the Internet.”
Furthermore, Slashgear’s Will Conley points out that it has not yet been determined whether any other part of the broadcasting network’s computer infrastructure was affected during the attack. When a hacker gains access to an FTP server, he explained, it could potentially serve as a gateway into other parts of the network, allowing cybercriminals to swipe data or transmit messages of their own design.
“It is common for hackers to buy and sell access to compromised servers on underground forums,” Finkle said. “Buyers view the access as a commodity that grants them the chance to further penetrate the victim organization. They can also use compromised servers to set up command-and-control centers for cyber-crime operations known as botnets, run spam campaigns or launch denial of service attacks to knock websites off line.”
The BBC is far from the only media organization to be the target of computer hackers this year. The Washington Post media group has been hacked three times during the last three months, most recently just a few days ago. In August, both CNN and Time acknowledged that their websites had been breached by the Syrian Electronic Army (SEA), and the New York Times was victimized in January.