Sophos Cloud Optix
Last night, BBC One broadcast an investigation by the Panorama team into alleged computer hacking done on behalf of Rupert Murdoch’s News of the World newspaper.
The progamme – called “Tabloid Hacks Exposed” – identified a former British army intelligence officer who had served in Northern Ireland, Ian Hurst, as the target of the computer hack.
Hurst was thought to have contributed to a book about “Stakeknife”, the codename for an alleged spy who infiltrated the higher echelons of the Provisional IRA while secretly working for British Intelligence.
According to the Panorama report, copies of emails sent from Hurst’s computer were stolen by a Trojan horse installed by a hacker. Footage secretly filmed by the BBC, shows Hurst meeting the man who he believes broke into his PC, who confesses his involvement:
"It weren't that hard. I sent you an email that you opened, and that's it ... I sent it from a bogus address ... Now it's gone. It shouldn't even remain on the hard drive ... I think I programmed it to stay on for three months."
According to the unnamed hacker’s confession, faxed copies of the stolen information were then sent to the then editor of the News of the World for Ireland, Alex Marunchak.
When a BBC film crew confronted Marunchak with the allegation that he knowingly hired people to break the law in order to uncover information for news stories, he declined to answer questions.
It’s important to recognise that there is no accusation that the journalists themselves hacked into any computers – but rather that they might have hired third parties who did various forms of hacking in order to gather information.
Up until this latest BBC Panorama investigation, the focus has been on the alleged hacking of mobile phones, rather than the interception of computer email communications.
Readers in the UK can currently watch the BBC Panorama report online via BBC iPlayer.
Sophos makes a brief appearance in the programme, discussing the legality (it’s not) of installing Trojan horses onto other people’s computers without their permission. Blink and you’ll miss me pontificating.
Remember, installing a virus or Trojan horse onto someone else’s computer without their authorisation is against the law – and can lead to a serious jail sentence.
Are the BBC treading on thing ice again by getting involved in this sort of thing?
They are already in trouble from the last time that they use infected computers for an "investigation"
I don't think there's any suggestion that the BBC were involved in cybercriminality on this occasion. They're just reporting the alleged cybercrimes of others.
Any criminals out there that have access to installed trojans, watching this are probably thinking.. oo i can save peoples emails and sell them to the papers 😛
What is the defence against this type of malware attack?
A combination of up-to-date anti-virus protection, security patches and a good dollop of common sense (the malware appears to have been delivered via an email attachment – always be suspicious of unsolicited email attachments).
Any idea how people in the US can view this at some point?
I would never, ever, suggest, recommend or condone the following:
Use a proxy server to fool iPlayer into thinking you're in the UK.
Alternatively, could try your favourite bittorrent search engine. ;o)
You could try asking @bbcpanorama on Twitter if their program is rebroadcast on any US networks. I believe it is sometimes shown in Australia.
Alternatively, I believe that BBC iPlayer is likely to be opened up to the world sometime later this year (with a fee for you non-license payers)