By Julia Fitzpatrick
The Chief Executive of the British Library has provided an update on the ongoing restoration of the library’s services following a major cyber attack in October 2023. Sir Roly Keating wrote in a blog published on 9 February 2024 that, as a result of “various manual workarounds” in place since 15 January, the library has been able to “resume [its] core responsibility of providing access to the collection.” Keating described this restoration of the main catalogue and on-site access to the St Pancras special collections as “a key milestone on [their] road to recovery.” Further services, including the digital collection and physical collections held in the Boston Spa site, remain unavailable. Keating added that the library hopes to restore many of these services “in the first half of the year,” with an indicative timeline expected later in February.
The cyber attack has been described by Ciaran Martin, former CEO of the National Cyber Security Centre, as “one of the worst cyber incidents in British history.” The library is still recovering from the total technology outage which it suffered as a result of the attack, which rendered access to the website, digital collections, main catalogue and on-site collections in London and Yorkshire unavailable. Rhysida, a sophisticated ransomware gang which works on contract, claimed responsibility for the attack.
Rafe Pilling, the Director of Threat Research at the cybersecurity company Secureworks, explained that Rhysida employs the “classic” strategy of “double extortion.” This involves making an organisation’s systems inaccessible by infecting them with malware and demanding a ransom payment to unlock the services, while simultaneously stealing and threatening to release personal data. Rhysida demanded a ransom of twenty bitcoin, worth roughly £600,000, to restore the British Library’s services and return stolen personal data. When the library refused to acquiesce to their demands, the hackers published almost 500,000 files of stolen data online. The library said that the data, which included employment contracts and passport details, appeared to come from internal HR files.
As one of the largest libraries in the world, the British Library’s attack has been a wake-up call to many about the danger which cybercrime poses for academic research and personal data. Keating has recognised the need for further investment in technology infrastructure, using this “as a moment not just to replicate the systems we ran before, but to improve as we rebuild.”