Insider Threat: Reporter’s Harrowing Encounter with Cyber Criminals

Criminal Gang Propositioned BBC reporter to Hack​ Employer for⁢ Ransom

LONDON – A criminal gang attempted​ to recruit ⁤a BBC reporter to infiltrate the corporation’s systems and facilitate a ransomware attack, ⁣offering‍ a substantial cut of the potential payout – ​enough, they claimed, to ensure the reporter ⁢would ⁤”never need to work again.” The reporter, ‌acting on⁤ advice from a ‍senior ‌editor, engaged with the hackers to understand their methods and the growing threat⁢ of insider-enabled cybercrime.

The proposition, received in July via the ‍encrypted ​messaging app​ Signal, came from an individual⁣ identifying themselves as‍ “Syndicate” (later ⁣changing their ‌name to “Syn”).‍ The⁤ gang offered an initial 15% share‌ of ⁢any​ ransom payment in exchange⁣ for access to the ⁣reporter’s work computer. ‍This⁤ offer escalated to 25% of the final negotiation, based ​on an estimated ransom demand equivalent to ‌1% of the BBC’s total ⁣revenue.​

the incident​ highlights a worrying ‌trend of ⁣cybercriminals⁢ actively seeking to leverage insiders -⁤ employees⁣ with legitimate access to‌ sensitive systems – to bypass traditional security measures. While the BBC has not publicly stated its policy on ⁤ransomware payments, the​ UK’s national ‍Crime ⁤Agency ⁤advises against paying ransoms.

The⁤ reporter was told the hackers planned‌ to steal ⁣data or install malicious software, holding the BBC to ransom ⁤and secretly ‍sharing the profits. Syn estimated their team could ‌demand a ransom in the⁤ tens ‌of millions of pounds if prosperous.

This case echoes a recent arrest in Brazil,where an ​IT ​worker was apprehended ​for selling login details to hackers,resulting in⁤ a ‌reported $100⁣ million ⁢(£74m) loss⁣ for a banking institution. The​ reporter’s experience underscores the increasing‍ sophistication and boldness of cybercriminals, and ⁢the ​vulnerability of‍ organizations to attacks‌ originating from within their ‍own ​ranks. ‌The ⁤reporter continued dialogue with the hackers to ⁣gather data about‍ their⁢ tactics, demonstrating the growing need ⁤for awareness⁣ and proactive defense against insider ​threats.