Cyber attacks happen often enough for there to be a great concern about the ramifications left behind. They can happen to every website on the Internet. When they happen, cyber security is forced to reassess the firewalls and maintenance of the website to make certain the attack does not happen again. Regardless of the attempts to stop attacks, they continue to happen because cyber attackers become more sophisticated. One such sophisticated attack was the one completed on March 13, 2016 against the BBC website.
The attack on the BBC website was different from other attacks in the way that it was perpetrated. The site was used to attack customer’s computers through various malicious advertisements. A hacker who used a domain that was out-of-date and was not maintained any longer started the attack. Once that was established, the hacker could use that domain to attach the malware to the ads, and then attach the ads to the site. Hackers and cyber attackers used the ads on the website to attach the malware and ransomware without the firewalls or security being able to detect it. Then, when the customers clicked on the website, the malwares would attack their computers.
This malvertising cyber attack was coordinated along with an attack on the Newsweek, The New York Times, and MSN websites. Those websites had the same problems with their ads. Their customers experienced the same issues with being infected with malware after clicking on the ads.
The various malware and ransomware have different reasons to be deployed. The first type of malware used was the Angler exploit kit. This kit looks for holes in the firewall of a computer to exploit. Once it finds the holes, the malware worm is delivered into the hole and the computer is infected. This is very hard to fix because the worm can hid within the files of the computer and create many problems within the computer. This worm can create a portal for the hacker to gain important information, like banking accounts, routing numbers and other personal information that is stored on personal computers.
Ransomware is another type of worm that infected the customer computers. This worm gets into the computer files and encodes them with an encryption that only the hacker knows. Therefore, the files are kept encoded until the hacker’s demands are met. That could be anything from monetary ransom to incrimination of the computer’s owner on the Internet to other items that the hacker would want or need. Once the demands are met, the hacker supplies the victim with the decoding code to unlock their computer.
The attack was preceded by a smaller test attack on Friday night using the same type of format for the attack. Some larger companies’ ads had malware attached to them. When the customers clicked on the ads, the malware attacked the computers in the two different ways. Experts believe that was a warm up for Sunday’s massive attack because that attack was 10 times larger than a normal attack.
Thousands of customers were affected by the attack. Because the fallout of the attack was still affecting computers the following Monday, security specialists are hard pressed to determine an exact number of the infected computers. Regardless, thousands of computers were infected and the hackers stole several thousands of customers’ private information.
Due to this breach, security and firewalls for Internet sites will need to be upgraded and made more secure. Hackers like this pose a huge threat especially when they can successfully infect a well-known and trusted site like BBC.
Citations:
http://www.pcworld.com/article/3044874/security/large-advertising-based-cyberattack-hit-bbc-new-york-times-msn.html
Several Top websites as BBC, New York Times AOL, MSN and others victims of malvertising