‘Knowledge under attack’ concludes British Library
Chief Executive Sir Roly Keating lays out impact of ‘major cyber-attack’ in October that still affects many systems including the library’s digital catalogue
As Infotec was quick to report, at the end of October 2023 the British Library suffered a ‘major technology outage’ affecting its website, online systems and services. The National Cyber Security Centre and other specialists were called in, and later the British Library revealed it had been the victim of ‘a ransomware attack by a group known for such criminal activity’. The Rhysida ransomware group admitted carrying out the attack, posting confidential documents online as evidence. They then attempted to auction this stolen data online, before releasing it anyway on their own website on the so-called ‘dark web’.
Now Sir Roly Keating, Chief Executive of the British Library, has provided a revealing account of the impact of the attack on services, and the library’s response.
Photo by Steve Cadman
‘The Library itself remains a crime scene,’ says Keating, ‘with a forensic investigation of our disrupted network still ongoing. In parallel, our teams are examining and analysing the almost 600 gigabytes of leaked material that the attackers dumped online – difficult and complex work that is likely to take months.’
The library’s digital catalogue, website and online learning resources were all affected and remain unavailable. That includes the popular EThOS collection of 600,000+ doctoral theses and the registration system for the Public Lending Right (PLR) which pays money to authors based on how often their books are loaned by libraries across the UK.
Keating provides some welcome news. For one thing, he says, ‘the vast datasets held in our Digital Library System, including the digital legal deposit content that it is our statutory duty to collect and preserve, are intact and safe from harm.’
In addition, a reference-only version of the library’s digital catalogue is expected to be available from January 15, 2024. Other interim services will also be introduced to increase access, such as on-site access to manuscripts and a bespoke inter-library loan service for some material. ‘Each of these offerings will initially be somewhat different from our normal service,’ admits Keating, ‘but together they will represent a crucial first stage on our road back to normality.’
Meanwhile, the British Library sites in both London and Yorkshire remain open – and busy. Events and exhibitions continue, and there are plenty of visitors engaged in study of different kinds. Indeed, this reporter visited the British Library in London and the only outward sign of an issue were the signs saying there was no WiFi.
Keating concludes that the cyber-attack and its continuing impacts raise wider issues of concern.
‘Our experience of the past two months has highlighted a great paradox for knowledge institutions in the digital age,’ he says. ‘Our deep commitment to openness, access and discovery means that we fully embrace the amazing possibilities that technology enables; while as custodians of our collections we also face an ever-increasing challenge in keeping our digital heritage safe from attack.
‘Libraries, research and education institutions are being targeted, whether for monetary gain or out of sheer malice. Society more widely, and all of us as individuals need to be alert to this fast-evolving threat.
‘For better or worse, everyone working at the Library now knows a lot more about the dangers of identity fraud than we did barely six weeks ago, and I would recommend to anyone the benefit of being both forewarned and forearmed.’
In related news:
Sophisticated, long-term cyber-attack on Electoral Commission
Leave a Reply