BBC Broadcasting House, London

BBC beset by 250,000 email attacks on a daily basis

Image credit: Dreamstime

The BBC receives over a quarter of a million malicious email attacks every day, according to data obtained by Parliament Street.

A Freedom of Information (FOI) request submitted by the Parliament Street think tank found that an average of 283,597 malicious emails were blocked by the organisation every day, during the first eight months of 2020.

On a monthly basis, the data shows that the BBC receives an average of 6,704,188 hostile emails classed as scam or spam.

Additionally, an average of 18,662 malware attacks such as viruses, ransomware and spyware are blocked. Across the eight-month period of January 2020 to August 2020, a total of 51,898,393 infected emails were blocked by the BBC's systems.

The findings tally with reports that cyber criminals have been taking advantage of the turmoil caused by the Covid-19 pandemic which has seen financially-motivated attacks on businesses rise considerably.

The FOI data showed that the BBC experienced the largest number of attacks in July with a total of 6,801,227 incidents recorded. Of these 6,787,635 were spam and 13,592 were malware. The second highest figures were recorded in March.

The BBC is no stranger to cyber attacks, with a massive DDOS attack in 2016 leading to the temporary unavailability of services like iPlayer. In 2013 it briefly lost control of its Twitter feed by due to attacks from a group called Syrian Electronic Army, which is supportive of Syrian President Bashar al-Assad.

Tim Sadler, CEO of cybersecurity firm Tessian commented: “The global pandemic has become a ripe opportunity for hackers’ phishing scams, and we can clearly see that in reflected in the spike of malicious attacks on the BBC.”

“In the wake of the outbreak, journalists and employees would have been busier and more distracted than usual. Using clever social engineering techniques, cybercriminals prey on people’s desire for information during uncertain times, and bank on the fact that busy, distracted and stressed employees may miss the signs of a phishing email and fall for their scams.”

“Organisations, therefore, must have security measures in place to automatically predict such email threats and warn people before they click or download an attachment.”

The BBC has been contacted for comment on the FOI request.

Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.

Recent articles