A BBC journalist revealed a chilling encounter with a cybercrime syndicate that attempted to recruit him from the inside.
In July, the journalist received a message on Signal from a group calling itself Syndicate, offering 15–25% of a potential ransom payment in exchange for access to his BBC computer. The criminals intended to hack BBC systems, steal data, or install malware, then extort the organization for bitcoin.
The group, later identified as part of the Medusa ransomware-as-a-service operation, pressured him to provide credentials and execute a malicious script. Medusa reportedly operates from Russia or allied states and has hacked over 300 victims worldwide.
The journalist collaborated with BBC security experts to respond safely, ultimately isolating himself from internal systems. The hackers disappeared after failing to gain access, leaving the journalist with a firsthand experience of an “insider threat” attack and the evolving tactics of cybercriminals.
This case highlights the growing sophistication of ransomware groups and the serious risks organizations face from insiders or coerced employees.
