A Russian hacker secretly took over a computer server at the British Broadcasting Corporation (BBC) before Christmas and attempted to sell access to it to other cybercriminals, according to reports.
The BBC’s security team believes it managed to secure the site on 28 December. It had been broken into via a server usually used for uploading large files. According to Reuters the hacker, known online as ‘HASH’ or ‘Rev0lver’, offered proof that he had broken in by posting a screenshot of the server and its files on an underground forum where he was trying to sell access on Christmas Day.
US firm Hold Security told Reuters and the
that it had spotted the hacker advertising the exploit on a black market forum last week. It added that it was not clear whether the attacker secured a sale before the broadcaster reacted.
“The only other information that I can offer is that the hacker was offering a screenshot proving that he had administrative access to the BBC server,” said Alex Holden, Hold’s founder and chief information security officer.
“It was solid technically convincing evidence.
“Generally speaking, we often see high-profile companies like the BBC getting breached. Unfortunately, larger companies are targeted more because hackers can easily monetise their gains.”
Holden added that the hacker didn’t specify a price for access, but the value of infiltrating the BBC server was less than that of hacking credit card details. “I doubt that the BBC stored 40m credit cards but they have something as valuable,” he said. “Theoretically speaking, a hacker who is able to manipulate or fabricate a news story may crash financial markets, make millions, and cause billions in losses.”
Both the BBC and other media groups have regularly been targeted by the Syrian Electronic Army, which supports Syrian president, Bashar al-Assad, and other hacker activist groups that deface websites and take over Twitter accounts. In January the
New York Times
reported that it had been repeatedly attacked over four months by Chinese hackers who obtained employees’ passwords.
Syrian hackers managed to break into the Associated Press account in April and faked a story about an attack on the White House, causing the US stock market to drop by 143 points in seconds.
Rising interest rates, excitement around blockchain use cases and cross-border payments were all hot topics at this year's AFP conference in San Deigo.
The US dollar and debt yields falling on the North Korea missile test, treasury being a top target for cyber criminals and why treasurers aren't into real-time payments all hit the latest headlines in the world of treasury this week. Don't miss our ten top news stories from around the world.
Treasurers are being expected to do more work with fewer resources than ever before, so it is little wonder that the automation of day-to-day operations was highly discussed on the second day of EuroFinance, the annual treasury event held in Barcelona this week.
Chicago based Treasury Management System (TMS) vendor GTreasury and Sydney based risk and treasury management vendor Visual Risk have joined forces in a strategic alliance to ... read more