British Library Pays A High Price To Recover From A Cyber Attack

Uploaded on 2024-01-09 in NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Hackers

The British Library, one of the world’s most renowned cultural institutions, will need to spend about 40 per cent of its financial reserves to recover from a crippling cyber attack.  This attack hit one of the UK’s critical research institutions and has made the majority of its services inaccessible. 

The London-based library holds nearly 170mn pieces of work ranging from books to sound recordings, was knocked offline in October 2023 after a serious ransomware attack.

Ordinarily, authors and other copyright holders receive annual payments from Public Lending Right fund,  which is money earned by writers, illustrators and translators each time a book is borrowed. But not this year, as a result of the sever disruption to the British Library's systems.

Hackers published hundreds of thousands of stolen files online, including customer and personnel data, after the library refused to pay a £600,000 ransom. According to reports, it now faces spending about £6 million to rebuild its digital services, consuming a sizeable proportion of its £16.4m in unallocated reserves.

The British Library’s online catalogue remains unavailable. Physical sites are open, but users must wait while librarians run through logs and find items on shelves. Some of the library’s services are scheduled to return in the middle of January, including a reference-only version of its online catalogue.

The British Library paid £250,000 to the cyber security provider NCC Group to provide an initial response to the attack, according to procurement records. 

A British Library spokesperson said: “The final costs of recovering from the recent cyber attack are still not confirmed... The library always maintains its own financial reserve to help address unexpected issues and no bids for additional funding have been made at this stage.”

Hacking group Rhysida claimed responsibility for the breach in November last year. It published some 573 gigabytes of the British Library’s data after selling 10 per cent of the files to anonymous bidders through its Dark Web page. 

Rhysida became known to US authorities in  2023 and has links with Russian-affiliated Vice Society

Museums in the US including the MFA Boston, the Rubin Museum of Art and the Crystal Bridges Museum of American Art have experienced outages after a cyber attack hit a third-party technology services supplier that assists museums with both internal and customer-facing management systems.

The British Library’s service could remain down for more than a year, and the attack highlights the risks of a single institution playing such a dominant role in delivering essential services. 

It remains unclear how long it will take before the institution, one of five legal deposit libraries in Britain entitled to a copy of each piece of published work in the UK, is fully operational.

@britishlibrary:    Standard:    Independent:    FT:    Apollo Magazine:    Shropshire Star:   

Breaking News:     Guardian:    Image: Pixabay

You Might Also Read: 

British University Data Breaches Are A Lesson For All:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Stronger Civilian Cyber Defences In Ukraine
Abduction & Extortion Goes Online »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clearpath Solutions Group

Clearpath Solutions Group

Clearpath Solutions Group expertise covers virtualization and data storage technologies, networking, security and cloud computing.

Palo Alto Networks

Palo Alto Networks

Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate.

CYBER 1

CYBER 1

CYBER 1 provides cyber security solutions to customers wanting to be resilient against new and existing threats.

Siepel

Siepel

Siepel manufactures high quality shielded rooms and anechoic chambers dedicated to TEMPEST, NEMP & HIRF.

CamCERT

CamCERT

CamCERT is the national Computer Emergency Response Team for Cambodia.

Logsign

Logsign

Logsign is a Security Orchestration, Automation and Response (SOAR) platform with next-gen Security Information and Event Management (SIEM) solution.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

The Legal 500

The Legal 500

The Legal 500 Hall of Fame highlights, to clients, the law firm partners who are at the pinnacle of the profession. Practice areas covered include Data Protection, Privacy and Cybersecurity.

Cynexlink

Cynexlink

Cynexlink offers Managed IT Services with Security, Network, Storage & Cloud solutions for all size of business.

Blaick Technologies

Blaick Technologies

Blaick is an Israeli cyber-security company which deploys proprietary Artificial Intelligence threats detection technology for early prevention of online cyber crime.

Harvey Nash

Harvey Nash

Harvey Nash is a leading global provider of talent and technology solutions.

Epoch Concepts

Epoch Concepts

Offering a full line of IT services, solutions, and integration capabilities, Epoch Concepts is the trusted partner of the US military, federal agencies, private enterprises, and systems integrators.

Willyama Services

Willyama Services

Willyama Services is a certified Information Technology and Cybersecurity professional services business providing services to government and private sector clients.

Mindflow

Mindflow

Mindflow is dedicated to bringing answers to the challenges the cybersecurity field and beyond face today.

BuddoBot

BuddoBot

BuddoBot has been a pioneering force in cybersecurity and information technology since 2008.

Token Security

Token Security

Token is the new approach designed for the identity boom era. Introducing Machine-First Identity Security.