Estimated Reading Time: <1
Reported By BBC
A Russian hacker took control of a BBC computer server and attempted to sell access to it to other cybercriminals, according to reports.
It said it was not clear whether the attacker secured a sale before the broadcaster reacted.
A BBC spokesman said: “We do not comment on security issues.”
The server was allegedly compromised via the file-transfer site ftp.bbc.co.uk.
The corporation had previously listed a log-on and password for the service on its news website in 2002 to allow the public to upload video and audio messages marking the anniversary of the 9/11 attacks.
BBC reporters had also historically used the server as a way to send in their own material.
More recently the facility has been used to allow advertisers to send in media files for use on the BBC Worldwide Channels.
‘Jumping off point’
According to Milwaukee-based Hold Security, the hacker used the pseudonyms “Hash” and “Rev0lver”, and publicised the vulnerability on 25 December.
The firm said the attacker provided copies of files that supposedly could only be accessed by someone controlling the site as “proof” that the exploit worked.
One expert said cyber-criminals have been known to use such breaches as a way to compromise wider systems.
“If a security hole has been identified in the underlying server and it has not been patched then the FTP [file transfer protocol] facilities can be exposed,” said Prof Alan Woodward from the University of Surrey’s Department of Computing.
“This could mean, for example, that files containing sensitive information could be downloaded.
“However, the bigger worry is that FTP servers are connected to the remainder of the network and often have easy access to other servers to facilitate internal file transfers, which is how a hacker can then use this as a jumping off point to explore other servers on the network.”
- Breaking: Southeast governors announce own security outfit ‘Ebubeagu’
- #SaabGate: Joe Abah denies involvement in Alex Saab campaign
- Breaking: South-East governors meet in Imo on security
- Ramadan: Look out for crescent from Monday – Sultan
- Police rescue 15 abducted persons, 32 cows in Kaduna
- Police arrest 17 suspected cultists in Abuja
- SERAP says it is unfair to pay judges less, while Presidents and governors take home “huge salaries”
- Catholic Priest abducted in Imo
- Collective responsibility needed in fight against poverty — Okorocha
- INTERVIEW: I am excited people looked beyond the lip gloss to enjoy my content – Enioluwa Adeoluwa, 21-year-old Nigeria’s front-line Influencer