British Library cyberattack

In October 2023 Rhysida, a Russia-affiliated hacker group, attacked the online information systems of the British Library.^[1] The main catalog returned online on 15 January 2024 in a read-only format,^[2] though some of the library's services are expected to be unavailable for months. The EThOS collection of British doctoral theses remained offline as of 19 December 2023.^[1]

Rhysida demanded a ransom of 20 Bitcoin, at the time around £6,000,000, to restore services and withhold stolen data.^[3]^[4] When the British Library did not acquiesce to the attempt, Rhysida publicly released approximately 600GB of leaked material online.^[3]

Timeline[edit]

29 October 2023 - British Library announced an "IT outage"^[5]
31 October - Outage confirmed publicly to be the consequence of a cyberattack^[5]
16 November - Attempt at digital extortion, aka "ransomware attack" confirmed by British Library^[5]
21 November - Rhysida statement confirming their involvement^[5]
15 January 2024 - Online catalog restored, some specialty catalogs remain offline^[2]

Impact[edit]

There were a number of impacts to the functioning of the library following the attack.^[6]

Works from the Boston Spa branch of the library could not be transferred to the London site
Authors who receive royalties from borrowed books had payments delayed.
£7M in costs
The computerised index was off-line for months, with partial restoration in January 2024

References[edit]

^ ^a ^b Knight, Sam (19 December 2023). "The Disturbing Impact of the Cyberattack at the British Library". The New Yorker. ISSN 0028-792X. Retrieved 2023-12-22.
^ ^a ^b Nanji, Noor (15 January 2024). "British Library starts restoring services online after hack". BBC News. Retrieved 2024-01-15.
^ ^a ^b Adams, Geraldine Kendall (20 December 2023). "Museums on alert following British Library cyber attack". Museums Association. Retrieved 2023-12-23.
^ Milmo, Dan. "Rhysida, the new ransomware gang behind British Library cyber-attack". The Guardian. Retrieved 2023-12-23.
^ ^a ^b ^c ^d "British Library cyber attack explained: What you need to know | Computer Weekly". ComputerWeekly.com. Retrieved 2024-01-16.
^ Sherwood, Harriet (15 January 2024). "'A 22-carat disaster': what next for British Library staff and users after data theft?". The Guardian. Retrieved 2024-01-15.

External links[edit]

Dever, Carolyn (14 December 2023). "How to Lose a Library". Public Books. Retrieved 2023-12-23.

[:0-1] Knight, Sam (19 December 2023). "The Disturbing Impact of the Cyberattack at the British Library". The New Yorker. ISSN 0028-792X. Retrieved 2023-12-22.

[:2-2] Nanji, Noor (15 January 2024). "British Library starts restoring services online after hack". BBC News. Retrieved 2024-01-15.

[:1-3] Adams, Geraldine Kendall (20 December 2023). "Museums on alert following British Library cyber attack". Museums Association. Retrieved 2023-12-23.

[4] Milmo, Dan. "Rhysida, the new ransomware gang behind British Library cyber-attack". The Guardian. Retrieved 2023-12-23.

[:3-5] "British Library cyber attack explained: What you need to know | Computer Weekly". ComputerWeekly.com. Retrieved 2024-01-16.

[6] Sherwood, Harriet (15 January 2024). "'A 22-carat disaster': what next for British Library staff and users after data theft?". The Guardian. Retrieved 2024-01-15.

[1]

[2]

[3]

[4]

[5]

[6]