BBC hack attack linked to Iran

The BBC has fallen victim to another cyber attack, with all eyes looking to Iran as the possible perpetrator.

The global media company believes a distributed denial of service (DDoS) attack was the reason for its outlets across Persia falling down on 1 March, leaving citizens unable to view BBC TV channels or listen to the radio broadcasts.

It also affected BBC staff who were unable to receive or send emails, as well as access certain parts of the internet, and even blocked phone lines in London-based offices

We regard the coincidence of these different attacks as self-evidently suspicious.

In a speech made by the BBC's director general, Mark Thompson, last night to the Royal Television society, he revealed signals for the BBC to be shown in Iran had been jammed and made a link between the two events.

"It is difficult, and may prove impossible, to confirm the source of these attacks, though attempted jamming of BBC services into Iran is nothing new and we regard the coincidence of these different attacks as self-evidently suspicious," he was due to say, according to extracts of the speech released in advance by the BBC.

"I don't want to go into any more detail about these incidents except to say that we are taking every step we can, as we always do, to ensure that this vital service continues to reach the people who need it."

Hacktivism and politically-motivated cyber crime are a reality and companies need to take the threat seriously.

Iranian authorities are still yet to make a statement on the reported attacks.

Graham Cluley, senior technology consultant for Sophos, told IT Pro all large corporations should be prepared for this sort of attack due to their commonplace nature in the IT environment today.

"I think they're a fact of life now," he said. "Hacktivism and politically-motivated cyber crime are a reality and companies need to take the threat seriously."

"Good practice [to protect your firm] would include securing your computers, keeping up-to-date with patches, deploying filtering software to protect your email and web gateways, and working with your technology providers to see how you might best deflect a DDoS attack."

Rik Ferguson, director of security research at Trend Micro, added: "Most media organisations who broadcast content into unfriendly territories have been familiar with signal jamming since at least World War II and there remains little that can be done to overcome a determined regime in this respect."

"It could also be argued of course that any nation state is free to assert control over signals that are received within their own airspace, much as the United Kingdom government jammed pirate radio frequencies in the 1970s."

"Mitigating DDoS attacks against telephony systems is an ongoing effort, as with other kinds of DDoS. External facing systems should be hardened, disabling all unnecessary services, where possible strong authentication should be deployed to reduce the possibility of abuse and, of course, firewalls and service provider security have an important role to play."