British Broadcasting Service or BBC as its popularly known, was hacked. Rueters has reported that a hacker secretly took over a computer server at the BBC. He had planned to sell access to this server so went on launch a Christmas Day campaign to convince other cyber criminals to pay him for access to the system.
BBC’s security team responded very briskly to the security breach and took immediate counter action to revert the server back to secure state on Saturday. It took the BBC security staff 24 hours for the entire clean up operation as per a security personnel familiar with the security breach. Exactly what happened to the secretive hacker’s plan of selling the access on Christmas is not known. It is also not known whether he found any buyers for his Christmas Day party.
When questioned about the security breach, the BBC spokesman declined to discuss the incident with a terse statement “We do not comment on security issues,” he said.
Though the BBC security staff managed to sanitize the server, it is still not known whether the secretive hacker stole any data during the period he had hacked the server and was controlling it. It is also not known if he has managed to damage the server file structure and/or sold any of the data he got access to.
The attack was first identified by a Milwaukee, United States based cyber security firm called Hold Security LLC. Hold Security monitors underground cyber-crime forums for information or titbits about stolen information. It is during this forum patrolling that the firm’s researchers observed a notorious Russian hacker known by the monikers “HASH” and “Rev0lver,” attempting to sell access to the BBC server on December 25.
“HASH” sought to convince high-profile hackers that he had infiltrated the site by showing them files that could only be accessed by somebody who really controlled it, Holden head of Hold Security told Reuters.
So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC, Holden said. He also added that it was it is very common for hackers to buy and sell access to compromised servers on underground forums.
These underground forums give the potential buyers a chance to view the access as a commodity. It also gives them a chance to access the type of profit they can make by buying the access rights. They can also use compromised servers to set up command-and-control centers for cyber-crime operations known as botnets, run spam campaigns or launch denial of service attacks to knock websites off line during some other operation at a later on date.
It remains to be seen whether HASH aka Rev0lver has managed to sell any of the data which will be used in future against the BBC or the UK government.