Home » ISPreview UK News Archives »
BBC Hacks 22000 Internet Connected Computer Users
By: MarkJ - 12 March, 2009 (9:59 AM)

Bizzarely the BBC has admitted to hijacking (hacking) 22,000 personal computers without user consent. The computers were then turned into a botnet, though allegedly no personal information was accessed on any of the infected systems.

The BBC News Online summary reports that the effort was made as part of an investigation into global cyber crime and to raise awareness about security. They claim that had the "exercise" been done with criminal intent then it would have broken the law:

[BBC] Click ordered its PCs to send out spam to two specific test e-mail addresses set up by the programme. Within hours, the inboxes started to fill up with thousands of junk messages.

By prior agreement, Click launched a Distributed Denial of Service (DDoS) attack on a backup site owned by security company Prevx. Click then ordered its slave PCs to bombard its target site with requests for access to make it inaccessible.

Amazingly, it took only 60 machines to overload the site's bandwidth. DDoS attacks are used by extortionists who threaten to knock a site offline unless a hefty ransom is paid.

The BBC claims to have now destroyed its botnet and informed owners of the unprotected PCs involved. It's certainly a very interesting, if somewhat legally questionable, way of exposing a well known problem with online security.

History - [News Archives]


Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved (Terms, Privacy Policy, Links (.), Website Rules).