Cyber attacks against the BBC increase 35% in two years

BBC building in London
(Image credit: Getty Images)

The British Broadcasting Company (BBC) is facing an increasing number of cyber attacks every day, new figures released today reveal.

Official figures obtained via a Freedom of Information Act (FOI) request by Parliament Street think tank showed the BBC fends off an average of 383,278 email attacks every day and faced nearly 50 million in total between October 2021 and January 2022.

Of these attacks, the vast majority consist of phishing emails but a significant number are also emails that attempted to install malware on BBC staff machines.

During the aforementioned four-month period, more than 70,000 emails were classed as ‘malware attacks’ and nearly 300,000 were phishing emails.

Parliament Street told IT Pro the details included in the BBC’s FOI response were limited due to the law itself, so more specific details around the malware and phishing attempts are not available. However, it added that all of the email attacks faced by the BBC can be broadly categorised into spam, malware, and phishing.

The updated figures revealed a 35% increase in daily attacks on the BBC compared to FOI figures previously reported in 2020. The BBC previously said it defended against an average of 283,597 scam or spam emails a day between January and August 2020.


The best defence against ransomware

How ransomware is evolving and how to defend against it


High-profile media organisations are often the target of cyber attacks due to the intelligence they hold on a variety of topic areas. Most recently, journalists at Rupert Murdoch’s News Corp publishers had their emails hacked in what Mandiant assessed to be an espionage campaign backed by the Chinese government.

Journalists at the Wall Street Journal, The Sun, The Times, and the New York Post all fell victim to the attack which saw hackers steal data, the nature of which was not revealed.

Individual journalists and critics of governments have also been targeted numerous times and in various countries across the world by nation-states using NSO Group's Pegasus spyware.

High-profile individuals include Saudi critics Jamal Khashoggi and Loujain al-Hathloul, both of which were found to have their personal devices infected with the covert spyware. The initial infections in both cases were linked to the United Arab Emirates and Saudi Arabia.

Connor Jones

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.