It'd be a little crazy to imagine ending 2013 without another breach-of-security story, so fortunate for us, BBC has come to the last-minute rescue. On December 25th, a Russianhacker is said to have listed a sale on a black market website that offered information about accessing a BBC server, something that US firm Hold Security picked up on and notified the British broadcaster about.
Unlike many of the security breaches we unfortunately have to write about, it seems that no sensitive information had been taken from BBC's servers - no credit card numbers, and no user accounts. That's kind of refreshing, isn't it?
The compromised machine was a simple file-transfer server (FTP), one that merely stored advertiser assets. However, as much of a non-issue as that might seem, had the FTP server been vulnerable, it could have acted as the gateway to other machines. When it comes to computer security, even the simplest of things can be the beginning of something major.
While nothing catastrophic has resulted from this breach, it once again highlights the importance of keeping computers - especially servers - fully up-to-date with the latest security patches. As BBC doesn't comment on security issues, we'll likely never know whether something big could have easily become of this. Had Hold Security not picked up on the issue so quickly, BBC might have had a mess to clean.
No comments:
Post a Comment