The BBC website is normally so fast and resilient that most people will check their own internet connection first if it becomes inaccessible. However unfortunately it appears that the BBC site is becoming increasingly a target for cyber attacks from across the world. The BBC site is often attacked but it has a high tech infrastructure and a lot of redundancy available so usually nobody would notice. Last summer was probably the first major outage, and some people reported that the entire BBC site was down for nearly a whole weekend. On Thursday the outage was not quite as long, perhaps three hours in total but the site was almost completely inaccessible.
The message that appeared on the site merely hinted at the attack suggesting simply that “abnormal traffic” was to blame. The reason was in fact a highly targeted DDOS (distributed denial of service) attack which involves bombarding servers with repeated requests in order to overload them and crash web services. These attacks are relatively common and often use hacked and infected PCs across the world but not many are capable of organising an attack which is capable of overwhelming the BBCs web servers.
It is suspected (although not confirmed) that this huge attack was probably state sponsored and possibly originated from places like North Korea, Russia or China. The BBC web site and the related iPlayer services is not popular in either of these countries mainly because it’s reporting of stories often contradicts official news releases and sources. The BBC is also trying to expand it’s reach using online services to parallel the World Service which is accessible all over the world and is often the only reliable news service for many millions of people.
Most experts suggest that it was unlikely that the BBC would be a target for any of the major hacking groups, and besides they would normally claim responsibility for such an attack fairly quickly. This suggest that it was likely that the attack was state sponsored and thus unlikely that the culprit will be easily determined. The actual attacks will normally be conducted through thousands of infected PCs across the world, these will be launched remotely and hidden using proxy changing and sophisticated VPN programmes to hide the origin of the actual attacker.