Hacker Invites Other Cyber Criminals Into System After Hacking BBC Server On Christmas Day

A computer server at the BBC was secretly taken over by a hacker, who then launched a Christmas Day campaign to convince other cyber criminals to pay him for access into the system, Reuters reported.

While it's unknown if the hacker found any buyers, the BBC's security team responded to the issue on Saturday and believes it has secured the site, according to a person familiar with the cleanup effort.

"We do not comment on security issues," a BBC spokesman who declined to discuss the issue told reporters.

Whether any data was stolen or any damage was caused in the attack could not be determined, according to Reuters. The hacker, however, compromised a server that manages an obscure password-protected website.

Hold Security LLC, a cyber-security firm in Milwaukee that monitors underground cyber-crime forums in search of stolen information, was first to identify the attack. According to Reuters, it was not clear how the BBC, the world's oldest and largest broadcaster, uses that site, ftp.bbc.co.uk, though ftp systems are typically used to manage the transfer of large data files over the Internet.

A notorious Russian hacker known by the monikers "HASH" and "Rev0lver" was first noticed by the firm's researchers on Dec. 25, attempting to sell access to the BBC server, Alex Holden, the company's founder and chief information security officer, told Reuters.

"HASH" sought to convince high-profile hackers that he had infiltrated the site by showing them files that could only be accessed by somebody who really controlled it, Holden said.

No evidence has been found that shows the conversations led to a deal or that data was stolen from the BBC, Holden said.

Buying and selling access to compromised servers on underground forums is a common practice by hackers, Reuters reported. Since the media company is such a high-profile organization, the BBC offer stands out.

"It's definitely a notch in someone's belt," Holden said.

Funded largely by license fees paid by every British household with a television, BBC has a staff of some 23,000. Justin Clarke, a principal consultant for the cybersecurity firm Cylance Inc, said that while "HASH" was only offering access to an obscure ftp server, some buyers might see it as a stepping stone to more prized assets within the BBC.

"Accessing that server establishes a foothold within BBC's network which may allow an attacker to pivot and gain further access to internal BBC resources," he said.

According to Reuters, like other media companies, BBC has repeatedly been targeted by the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, and other hacker activist groups that deface websites and take over Twitter accounts.

The New York Times reported last January that it had been repeatedly attacked over four months by Chinese hackers who obtained employees' passwords.
