BBC Cyber Correspondent Offered Bribe to Hack BBC by Criminal Gang

Insider Threat in Cybercrime

• 💡 The BBC's cyber correspondent, Joe Tidy, was directly approached by a criminal gang with an unsolicited offer via Signal.
• 🎯 The offer involved providing login credentials and security codes to hack the BBC, with a promised 15% cut of any ransom payment.
• 💰 The criminals estimated the BBC could face tens of millions of pounds in ransom if their servers were encrypted or private data stolen.

The Hacker's Tactics and Motivation

• ⚡ Cyber criminals are often lazy and seek the easiest entry points into organizations, which can include bribing employees.
• 🧩 The gang initially offered Tidy 15% of the ransom, later increasing it to 25%, and even offered half a bitcoin ($55,000) as a deposit to prove their legitimacy.
• ⚠️ The criminals' plan involved either stealing private data or encrypting servers to demand a ransom.

Escalation and MFA Bombing

• ⏳ After three days of communication, the criminals grew impatient and attempted to force Tidy's hand.
• 📱 They initiated an MFA bomb, repeatedly triggering password reset requests for Tidy's account, rendering his phone unusable for hours.
• 🔑 Had Tidy accidentally approved any of the MFA requests, the hackers would have gained access to his account.

Broader Implications and Vulnerability

• 🧠 Tidy played along to gain firsthand insight into the insider threat aspect of cybercrime, which is rarely discussed.
• 📉 He noted that the offer could be particularly tempting for a disgruntled employee or someone facing financial hardship.
• ⚠️ A recent case in Brazil highlighted the severe consequences, where an employee selling their credentials led to approximately $100 million in damages to a bank.
• 📢 The incident serves as a stark reminder that employees are potentially vulnerable to such aggressive recruitment tactics by cybercriminals.