In today’s digital age, cybersecurity is no longer an option but a necessity. The cyber attack on one of the largest libraries in the world in October continues to have effects several months later. Incidents such as the one involving the British Library serve as sobering reminders of the far-reaching consequences that can arise from a single breach, highlighting the critical importance of proactive cybersecurity measures. Let’s delve into a detailed timeline of events and explore the enduring impacts of cyber attacks.
Timeline of Events:
- October 29, 2023: The British Library posts on X that they are struggling with “technical issues”.
- October 31, 2023: Following the outage of the online catalogue of about 36 million books and up to 170 million items, the British Library is compromised due to a cyber incident of an undisclosed nature.
- November 16, 2023: The British Library officially confirms that the devastating cyberattack was a ransomware attack.
- November 21, 2023: Rhysida, the ransomware group responsible, threatens to sell the almost 600GB of stolen data on the dark web if the ransom isn’t paid.
- November 28, 2023: First bits of personal data appear on the dark web.
- November 30, 2023: 90% of the stolen data is leaked onto the dark web, amounting to about 40% of the financial reserves.
- January 07, 2024: Financial Times estimates the cost to be about £7m.
- January 10, 2024: The Library announces the return of online catalogue and lending services after weeks of restoration efforts.
- January 15, 2024: Return of the majority of the online catalogue.
Discovery and Initial Impacts: The cyber attacks on the British Library sent shockwaves through the academic and cultural spheres. The breaches, orchestrated by the ransomware group Rhysida, exposed vulnerabilities within the institution’s digital infrastructure. In the initial aftermath, the library grappled with widespread service disruptions:
- The public Wi-Fi and the online catalogue were both dysfunctional, making it impossible to access resources or make requests electronically.
- The Library reverted to a pre-digital state, with all online services, including the website, phone lines, and exhibition-ticket sales, inaccessible.
- Additionally, the electronic system connecting the library’s collections was down.
- Deliveries from Boston Spa, which houses a significant portion of the library’s books, were also suspended.
Parts of the IT infrastructure were deleted, whilst others were encrypted.
Enduring Impacts: The repercussions of the cyber attacks reverberated long after the initial breaches. For the British Library, the loss of access to its vast collection of 170 million items dealt a severe blow to researchers, students, and the public. The compromised personal data of staff, readers, and visitors further exacerbated the fallout, raising concerns about privacy and security breaches. “It is just basic practice that you don’t pay money to criminal blackmailers,” Sir Roly Keating, Chief Executive of the British Library and chair of the emergency meetings, says. “It was important for us to articulate choices, to set a tone.” A week after the ransom note, 90% of the stolen data was leaked onto the dark web, as the British Library refused to pay the 20 bitcoin (about £600,000) ransom. Users were contacted with helpful tips on how to protect themselves going forward.
Yet the Library was able to keep reading rooms, events and exhibitions open to the public.
Whilst the costs are still unconfirmed, The Financial Times suggests that the return to normality will cost around £7m. It has been reported that the British Library could lose about 40% of its reserve.
Response and Recovery Efforts: In response to the crisis, the library mobilised comprehensive cybersecurity measures to mitigate further damage and restore normalcy. They extended due dates for overdue books and suspended overdue fines, alleviating concerns for patrons. Meanwhile, they initiated extensive recovery efforts, including the restoration of online services and the implementation of enhanced cybersecurity protocols. First, a thorough analysis had to take place, as they were “not even quite sure what’s been damaged or taken”, as Adam Budd, the education secretary of the Royal Historical Society, said.
Current Situation: As of the latest updates, significant progress has been made in the restoration of services at both libraries. However, the enduring impacts of the cyber attacks serve as stark reminders of the ongoing threat posed by cybercriminals.
After three months, the online catalogue is online again, though only in ‘read-only’ form for now. Whilst the majority of the Library’s special collections are available again, access to the consultation is not yet available online. Nor is it possible to add new items to the catalogue. Workarounds for annual provision payments are in place.
As of today, February 6th, the library still shows the following error message on their webpage:
Moving forward, proactive cybersecurity measures and continued vigilance are imperative to safeguarding the digital infrastructure of academic and cultural institutions. The Library has set up a programme for technical rebuild and recovery, aiming to have all services and content fully available and accessible again. They are not only bouncing back, but forward, following their “Knowledge Matters strategy”. It is possible that some operations may be affected until autumn or even longer.
“The people responsible for this cyber-attack stand against everything that libraries represent: openness, empowerment, and access to knowledge” – Keating
Conclusion: The recent cyber attack on the British Library underscores the urgent need for robust cybersecurity frameworks. This incident, alongside the many others happening every day, serves as a cautionary tale, highlighting the profound and enduring impacts of cyber threats on institutions and their stakeholders. As we navigate an increasingly digital landscape, prioritizing cybersecurity must remain paramount to safeguarding our collective knowledge and heritage.