Anti-IS hacker group claims cyber-attack on BBC was only a test

04 Jan 2016

A group of computer hackers that aims to target the Islamic State has claimed responsibility for a cyber attack on the BBC, which it said was launched to test its own capabilities, according to messages sent to a reporter at the broadcaster on 2 January.

"It was only a test, we didn't exactly plan to take it down for multiple hours," the group called New World Hackers said in a message sent to the BBC's technology correspondent, Rory Cellan-Jones, which he posted on Twitter.

"We realise sometimes what we do is not always the right choice, but without cyber hackers ... who is there to fight off online terrorists?"

The attack took down the BBC's online services, including its news website and iPlayer catch-up TV platform, for a few hours on 31 December. According to the broadcaster, which cited sources inside the corporation, it was a "distributed denial of service (DDoS)" attack.

In a DDoS attack hackers flood servers with messages from multiple systems which makes them unable respond to legitimate traffic.

According to a BBC spokeswoman, it would offer no comment on the claim of responsibility made by the group.

The group went to say that the attack was "just the start."

On Saturday, the group also claimed responsibility for an attack that downed Republican presidential candidate Donald Trump's campaign website for about an hour.

A member of the group, who identified himself as Ownz and declined to use his real name, told ZDNet that the attacks on the BBC's website and Trump's website were a "test of power" and server strength.

"ISIS is our main target," said Ownz.

Ownz, who claims to be a "hacktivist," sent ZDNet a screenshot of a web interface that was allegedly used to launch the attacks, indicating an assault of up to 602 Gbps.

According to commentators, if the size of the attack was proven true, it would be much larger than the record for largest DDoS attack of 334 Gbps, recorded by Arbor Networks in mid-2015.

Ownz added, the size of the attack was possible with the use of at least two "Amazon servers," but did not disclose further details.