iPlayer database malfunctions in DDoS attack, brings everything down, including main website and a radio app. On the morning of December 31, 2015, unknown attackers have downed the BBC website and its iPlayer video platform under a massive DDoS attack.
The attack started around 07:00 AM GMT and only lasted a few hours, the BBC services slowly returning to normal operation by the afternoon.
Due to the controversial nature of stories it sometimes publishes, DDoS attacks are common on the BBC website and other news platforms for that matter.
Attackers often confuse websites that carry a news story with the news story’s content, and sometimes the sites themselves are the target of someone’s rage fit. In other cases, attackers want to suppress a certain subject, and taking down news-carrying portals is the simplest way to do so.
The BBC offered some details about the incident, as soon as it managed to restore services on its servers. Besides the main BBC website and the associated iPlayer platform, the iPlayer Radio app was also not working properly either.
A smokescreen for something else?
After the attack was over, the BBC dev team investigated the damage and said the DDoS attack caused an iPlayer database to malfunction, which in turn, made other connected services unavailable.
“After a DDoS attack, it’s very important to perform a comprehensive forensic analysis of the incident. The analysis should cover not only the targets of the attack, but the entire spectrum of managed network devices,” Dave Martin, security expert and director at NSFOCUS Global, told Softpedia.
“A forensic analysis of the incident can uncover other malicious activity and be used to identify changes needed in network security to improve the organization’s overall security posture,” Mr. Marting also added.
In July 2014, the BBC suffered its biggest outage, when the iPlayer service was knocked offline by a DDoS attack for an entire weekend.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.