The British Broadcasting Corporation (BBC) receives over a quarter of a million malicious email attacks every day, according to official figures.
This data revealed under the Freedom of Information (FOI) Act by the Parliament Street think tank’s cyber security team. It showed 283,597 malicious emails were blocked by the organisation every day over the first eight months of 2020.
The scale of the attacks
The data shows that the BBC receives an average of 6,704,188 monthly hostile emails classed as scam or spam. Additionally, an average of 18,662 malware attacks such as viruses, ransomware and spyware are blocked. Across the eight-month period, January to August 2020, a total of 51,898,393 infected emails were blocked by the BBCs systems.
The highest month of attacks was July with a huge total of 6,801,227 incidents recorded. Of these 6,787,635 were spam and 13,592 were malware. The second highest month was March, when the COVID-19 outbreak was at its worst in the UK. The BBC received 6,768,632 spam attempts and 14,089 malware attempts, totalling 6,782,721.
Multiple cyber attack incidents
In the past the BBC has experienced multiple incidents when it comes to cyber attempts and potential breaches. In 2013 the BBC twitter feed was subject to a phishing hack, by what appeared to be sympathisers of Syrian President Bashar Assad. The BBC said the “phishing” emails contained what appeared to be links to The Guardian newspaper or Human Rights Watch online and brought users to a fake webmail portal.
In 2016 there was another hack. An anti-Isis hacking group claimed responsibility for downing BBC websites and services on New Year’s Eve.
Additionally there was another attack in December 2015, when the BBC’s websites were unavailable because of a large web attack. It is believed that a web attack technique known as a “distributed denial of service” was causing the patchy response. This aims to knock a site offline by swamping it with more traffic than it can handle.
A ripe opportunity for hackers
The data suggests that it is an ongoing struggle for the BBC to obstruct these malware, phishing and spam attempts. This is to ensure that any major breach can be avoided.
According to Tim Sadler, CEO at Tessian, “The global pandemic has become a ripe opportunity for hackers’ phishing scams. We can clearly see that in reflected in the spike of malicious attacks on the BBC. In the wake of the outbreak, journalists and employees would have been busier and more distracted than usual.
“Using clever social engineering techniques, cybercriminals prey on people’s desire for information during uncertain times. They bank on the fact that busy, distracted and stressed employees may miss the signs of a phishing email. As a result, they fall for their scams. Organisations, therefore, must have security measures in place to automatically predict such email threats and warn people before they click or download an attachment.”
Enterprise Times: What this means for business
The various malware, phishing and cyber attacks on the BBC acts as a warning for all businesses. Criminals will never let a good crisis go to waste. Employees are now connecting to their organisations from home in large numbers. This allow attackers to target companies in many more ways. These tactics have always existed. However, security analysts are seeing that cyber-criminals are indeed adapting and evolving their tactics to the new remote-access world we now find ourselves in. Therefore, as Tim Sadler advises, organisations must have the security measures to detect such email threats. Furthermore to warn, advice employees before they click or download an attachment.