Christine Ro, a Technology of Business reporter, used to consider the British Library her unofficial office. She believed that for writers, the British Library was the best part of living in London. However, following a ransomware attack in October 2023 by the Russian hacker group Rhysida, the UK’s national library has faced significant challenges. The attack paralyzed IT systems, making books only accessible through paper slips and much of its digital content inaccessible.
The hackers demanded a ransom of 20 bitcoin (equivalent to £600,000 at the time), which the British Library refused to pay. As a result, nearly 600 GB of private information was leaked on the dark web after an online auction of stolen data. It wasn’t until January 2024 that the online catalogue became partially usable again, with a lengthy recovery process expected to take several months to analyze the leaked data.
The British Library declined to comment on the situation, but experts note that recovery from cyber-attacks can be a lengthy process. Factors such as the type and number of systems affected, quality and quantity of backups, experience of IT staff, and sophistication of the attack all play a role in determining the length of recovery.
Organizations like the Scottish Environment Protection Agency (SEPA) have opted to rebuild systems from scratch rather than re-establish legacy systems following cyber-attacks. Investing in cyber-security staff and tools, testing cyber-security products in their own environment, and obtaining cyber-risk insurance are all recommended strategies for organizations to protect themselves from future attacks.
Despite decreasing ransom amounts, cyber-attacks remain lucrative for criminals, with the potential for outsourcing attacks and utilizing AI presenting new opportunities for hackers. With cyber-attacks likely to continue in the future, preparation and resilience are essential for organizations to mitigate financial losses and operational disruptions.
