The British Library faces a potential £7 million expenditure from a severe cyber attack that disrupted its website and internal WiFi in October. Perpetrated by the Rhysida group, the attackers demanded a £600,000 ransom, leading to the compromise of hundreds of thousands of files, including customer and personnel data, when the library refused to pay.
Reports suggest the library plans to utilise approximately 40% of its reserves, around £6 to £7 million out of an unallocated £16.4 million, to rebuild its digital services. The final recovery costs are yet to be confirmed, and investigations are underway by the National Cyber Security Centre and cybersecurity specialists.
In a recent post on social media, the library explained the ongoing challenges caused by the cyber attack. The incident affected the website, online systems, and some on-site services. The attack is confirmed as ransomware, raising concerns about the potential exposure of user data on the dark web.
Working in conjunction with cybersecurity specialists and collaborating with the Metropolitan Police, the library anticipates a prolonged period for the thorough analysis of the breached data. Despite persistent issues with online systems, the library's physical locations remain accessible. To address user needs, a reference-only version of the primary catalogue is expected to be back online by January 15.
Acknowledging the sustained patience and support from users and partners, Sir Roly Keating, the Chief Executive of the British Library, expressed gratitude. He highlighted the ongoing efforts to assess the impact of this criminal attack and implement measures for the secure and sustainable restoration of online systems.
Providing a precise timeline for the restoration process is premature at this stage, but regular updates will be offered as progress is made in this critical endeavour.
The primary motivation behind cyber attacks is financial gain. This criminal activity, aptly named ransomware, involves using malicious software to disrupt, damage, or gain unauthorised access to computer systems, compelling organisations and businesses to pay a ransom.
While the Department for Digital, Culture, Media and Sport (DCMS) chose not to comment on the matter, a Government insider confirmed the expectation that the British Library would tap into its reserves for recovery.
As the British Library deals with the consequences of this cyber attack, the challenges underscore the pervasive threat posed by ransomware, highlighting organisations must work on their resilience of digital fortifications and guard against the risks posed by such malevolent activities.
