Reports show that a server at the British Broadcasting Corporation has been compromised. Just before Christmas, a Russian hacker secretly took over one of the computer servers at the BBC and tried to sell its access to other cyber criminals.
Though it is still unknown whether the hacker managed to find buyers, the BBC security team is believed to have responded by securing the server on 28th December. As a part of the cleanup efforts, the team declined to provide any details citing “We do not comment on security issues.”
The breach was first identified by Alex Holden, the founder of a Milwaukee based cyber Security Company called Hold Security. The hacker who is known online as “HASH” or “Rev0lver” broke into one of the servers used by BBC, to manage large file uploads and downloads – ftp.bbc.co.uk
Holden said that the hacker had been trying to sell access to the server to other hackers on the internet via an underground forum on the 25th of December. HASH posted a screenshot of the server and its files on the forum as proof. Holden also mentioned that the hacker hadn’t discussed any price for the access, but continued to explain that the information was quite valuable.
“Theoretically speaking, a hacker who is able to manipulate or fabricate a news story may crash financial markets, make millions, and cause billions in losses.”
Another expert on cyber security Justin Clarke from Cylance elucidated, “Accessing that server establishes a foothold within the BBC’s network which may allow an attacker to pivot and gain further access to internal BBC resources,”
Earlier this year the US stock market had crashed by 143 points within seconds, when hackers from Syria managed to hack into the Associated Press account and published a phony story about the White House being attacked. Holden further explained that breaching into large and established companies like the BBC enable hackers to monetize their gains easily.
Gaining access into servers of the like, grants hackers the advantage of laying footwork to build a “command centre” for a large network of Compromised systems, which can be used to launch phishing attacks or spam on the Internet.
Though “HASH” was only selling access to a server of lesser importance, buyers might see it as an opportunity to open up other valuable assets of the BBC.
Media companies have always been targeted by hackers and other activist groups as it opens up several possibilities to cash in on. Outfits like the Syrian Electronic Army and other independent hackers have repeatedly tried to infiltrate into media accounts as media associates with the economy of nations.