Nearly all BBC websites suffered a cyber attack on the last day of the year – the problem was not caused by technical issues, which the corporation first announced as the reason for its web pages not appearing online. Even iPlayer was down yesterday morning.
When visitors tried to open the BBC News website and the iPlayer services on Thursday morning, they were greeted with a webpage containing an error message and an eerie-looking clown.
At first, a statement was issued saying the sites were down due to a ‘technical issue’, but later in the day the UK’s public service broadcaster admitted it had been the victim of a web attack.
Visitors saw the following message during the BBC cyber attack. (Image: ichef.bbci.co.uk)
Distributed denial of service
BBC News says it believes a web attack technique known as ‘Distributed Denial of Service’ (DDoS) caused the outage. DDoS is pronounced as you see it or as “Dee Doss”.
DDoS, also known as a DoS (Denial of Service) attack, is an attempt to make a website difficult to access or completely unavailable to its intended users. The attackers want to temporarily or indefinitely suspend or interrupt the services of a host that is connected to the Internet.
In a DDoS attack, the source consists of more than one IP address – usually thousands of unique IP addresses are involved. Put simply, the affected website is flooded with traffic, so much that it cannot cope and either slows down significantly or crashes.
Most DDoS attempts target high profile sites
Perpetrators of DDoS attacks typically target high profile websites, such as those of credit card payment gateways, banks, government departments, and well known media companies. Motives can vary from activism, blackmail, terrorism, state-to-state attacks, and hackers who see it as a challenge.
According to the BBC, so far nobody has claimed responsibility for the attack.
The DDoS attacker sends attack instructions to the controllers and the controllers automatically forward the instructions to the attack zombies. To find the attacker’s IP address and location requires tracing all three levels. As the controllers and the attack zombies are usually located in different places, often in different countries, finding the source of the attack is extremely difficult. (Image: nsfocusblog.com)
The corporation’s sites were down from 7am to 10:30am GMT. Its crop of websites have suffered other technical issues in the past. In July 2014, several websites, including the iPlayer were offline for a whole weekend. The fault was traced to a database linked to the catch-up TV service.
Microsoft to warn users of hacking attacks
The Microsoft Corporation said it will start warning users if it suspects a government has attempted to hack into its email accounts.
This policy change follows a revelation that the company decided not to notify those who were affected by a hacking campaign discovered in 2011 that had targeted international leaders of China’s Uighur and Tibetan minorities.
Two former employees said Microsoft analysts realized that Chinese authorities appeared to have been behind the attack. However, the Redmond-based tech giant did not inform users of its Hotmail service, which today is called Outlook.com.
Microsoft’s policy shift comes after Yahoo, Twitter and Facebook said they would tell users of any hacking attack.
In a Thursday blog posting, Microsoft said:
“We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be “state-sponsored” because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others. These notifications do not mean that Microsoft’s own systems have in any way been compromised.”
“If you receive one of these notifications it doesn’t necessarily mean that your account has been compromised, but it does mean we have evidence your account has been targeted, and it’s very important you take additional measures to keep your account secure. You should also make sure your computer and other devices don’t not have viruses or malware installed, and that all your software is up to date.”
Customers can read about the steps they can take to better protect their personal data and make any necessary changes on the Microsoft Account Security Page.
According to the UK’s National Crime Agency:
“DDOS attacks prevent legitimate access to online services by swamping the communications links with a mass of traffic so that users are unable to access the service as it can not handle the volume of incoming traffic.”
“These attacks are usually undertaken through the use of botnets – a group of compromised, controlled computers which involuntarily send messages simultaneously to the computer or server.”
Video – What are DDoS attacks?
This video explains what a DDoS attack is and how it can affect an organisation or business.