British Library Pays A High Price To Recover From A Cyber Attack

Uploaded on 2024-01-09 in NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Hackers

The British Library, one of the world’s most renowned cultural institutions, will need to spend about 40 per cent of its financial reserves to recover from a crippling cyber attack.  This attack hit one of the UK’s critical research institutions and has made the majority of its services inaccessible. 

The London-based library holds nearly 170mn pieces of work ranging from books to sound recordings, was knocked offline in October 2023 after a serious ransomware attack.

Ordinarily, authors and other copyright holders receive annual payments from Public Lending Right fund,  which is money earned by writers, illustrators and translators each time a book is borrowed. But not this year, as a result of the sever disruption to the British Library's systems.

Hackers published hundreds of thousands of stolen files online, including customer and personnel data, after the library refused to pay a £600,000 ransom. According to reports, it now faces spending about £6 million to rebuild its digital services, consuming a sizeable proportion of its £16.4m in unallocated reserves.

The British Library’s online catalogue remains unavailable. Physical sites are open, but users must wait while librarians run through logs and find items on shelves. Some of the library’s services are scheduled to return in the middle of January, including a reference-only version of its online catalogue.

The British Library paid £250,000 to the cyber security provider NCC Group to provide an initial response to the attack, according to procurement records. 

A British Library spokesperson said: “The final costs of recovering from the recent cyber attack are still not confirmed... The library always maintains its own financial reserve to help address unexpected issues and no bids for additional funding have been made at this stage.”

Hacking group Rhysida claimed responsibility for the breach in November last year. It published some 573 gigabytes of the British Library’s data after selling 10 per cent of the files to anonymous bidders through its Dark Web page. 

Rhysida became known to US authorities in  2023 and has links with Russian-affiliated Vice Society

Museums in the US including the MFA Boston, the Rubin Museum of Art and the Crystal Bridges Museum of American Art have experienced outages after a cyber attack hit a third-party technology services supplier that assists museums with both internal and customer-facing management systems.

The British Library’s service could remain down for more than a year, and the attack highlights the risks of a single institution playing such a dominant role in delivering essential services. 

It remains unclear how long it will take before the institution, one of five legal deposit libraries in Britain entitled to a copy of each piece of published work in the UK, is fully operational.

@britishlibrary:    Standard:    Independent:    FT:    Apollo Magazine:    Shropshire Star:   

Breaking News:     Guardian:    Image: Pixabay

You Might Also Read: 

British University Data Breaches Are A Lesson For All:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Stronger Civilian Cyber Defences In Ukraine
Abduction & Extortion Goes Online »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Latham & Watkins LLP

Latham & Watkins LLP

Latham & Watkins is an international law firm. Practice areas include Data Privacy, Security and Cybercrime.

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab conducts research into predictive security analytics.

Inogesis

Inogesis

Inogesis helps blue-chip organisations harness disruptive technologies and thinking to drive new revenues or overcome challenges by connecting them with dynamic small companies.

ESL Bangladesh

ESL Bangladesh

ESL is the Largest IT Infrastructure & Telecom Service Provider in Bangladesh.

Cryptshare

Cryptshare

Cryptshare is a communication solution that enables you to share e-mails and files of any size securely.

ReliaQuest

ReliaQuest

ReliaQuest’s GreyMatter solution connects existing technology, people, and process – then equips security teams with unified, actionable insights across their entire environment.

Beryllium InfoSec Collaborative

Beryllium InfoSec Collaborative

Beryllium InfoSec Collaborative is an information security and cyber security company with 40-plus years of experience across industry & government.

Cympire

Cympire

Cympire significantly increases an organisation’s Cyber Resilience through continuous Training and Assessment. Cyber Security Training Platform. Cloud-based and fully customizable Cyber Range.

Outseer

Outseer

Outseer is a leading technology company in the fight against payments fraud. Outseer reliably determines authentic customers from fraudulent behavior.

Digital Security by Design (DSbD)

Digital Security by Design (DSbD)

Digital Security by Design is an initiative supported by the UK government to transform digital technology and create a more resilient, and secure foundation for a safer future.

DarkFeed

DarkFeed

DarkFeed is a Threat Intelligence provider that monitors the darknet in real-time, where hackers and Cyber criminals are most active.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.

Fescaro

Fescaro

FESCARO is a trusted cybersecurity partner for global automakers and their partners, helping them transition to software-defined vehicles (SDVs) with tailored automotive software solutions.

QPoint Technologies

QPoint Technologies

QPoint provides solutions and consulting in areas including software engineering, testing, cybersecurity, ICT, web, mobile, project management, and complex integration processes.

Point Wild

Point Wild

Point Wild is a holding company that acquires, integrates and manages a diverse portfolio of best-in-class cybersecurity brands for consumers and enterprises.

Kaavalan

Kaavalan

Kaavalan was founded with a mission and a vision to protect you against cyber threats in the connected world.