Funeral Atmospherics At The British Library

On October 23, 2023, the British Library, one of the world’s finest repositories of knowledge, was subjected to a cyber-attack. Some 600GB of files, including the personal data of Library users and staff from the CRM (Customer Relationship Management) database, was pinched or otherwise exfiltrated by the Rhysida ransomware group, said to have members across Russia, Belarus and Kazakhstan.

The group did not receive any ransom, after which the data was auctioned and placed on the dark web. 20 bitcoins were demanded by the group for the full set. Following that exercise, Rhysida published 573GB of the stolen data.

The exfiltration of data was also accompanied by an encryption of data and important operating systems, a devilish effort effectively shutting out staff and users from any engagement. Certain services were also destroyed to frustrate recovery efforts and conceal the nature of the attackers. According to the BL’s own cyber incident review, the latter was particularly significant in having “the most damaging impact on the Library: while we have secure copies of all our digital collections – both born-digital and digitised content, and the metadata that describes it – we have been hampered by the lack of viable infrastructure on which to restore it.”

After trying to keep things under wraps, the BL’s executive Roly Keating chose a blog post to launch a salvo: “The people responsible for this cyber attack stand against everything that libraries represent: openness, empowerment, and access to knowledge.”

The initiator of the attack has been described as a ransomware-as-a-service group, making it a vigilante outfit for hire. But why target the British Library? Certainly, the institution could now add itself to a number of other public libraries that had been victims of ransomware attacks. The Boston Public Library, which suffered an attack in 2021 that impaired its systems for a week, and the Toronto Public Library, come to mind. Last year, Seattle Public Library became another addition.

Some academics offered an unsurprising answer: the attack was something of a promotions exercise, a brandishing of credentials on the part of the outfit to lengthen its list of clients. Analysts such as Corey Nachreiner, chief security officer at Seattle-based WatchGuard Technologies, offers an even more basic rationale: ransomware actors may just fancy their chances of receiving a ransom.

A less spoken about issue is whether there was something else at play: a dry-run attack to test the vulnerabilities of a system that might be used by other state organisations. But any efforts to consult deep discussions on the subject yield nothing, suggesting the possible hand of government muzzling. There have been no official statements from any British minister, a state of affairs that should raise eyebrows. Britain is, it should not be forgotten, home of the D-notice, that rather unpleasant means the Defence and Security Media Advisory (DSMA) Committee uses to control the UK press from discussing certain subjects on national security.

The attack certainly caused ripples of terror for those concerned with Britain’s neglected public sector IT infrastructure. A research fellow at the Royal United Services Institute think-tank, Jamie MacColl, suggested that hackers were “going after low hanging fruit”, especially targeting less resilient parts of the system. Some of these use legacy software, making the prospect of an attack even more enticing.

To turn up to the BL in the aftermath of the looting efforts of Rhysida is a solemn experience. One senses a figure despoiled of dignity, sapped of confidence. The reading rooms are filled with a funereal atmosphere, one where greatness and comfort have somehow suffered a shrivelling. The desktop computers that were functional previously have been deprived of their keyboards, with the sign “Temporarily Out of Order” attached to them. Such temporary states often prove to be definitively permanent.

The new online system for book requests is cumbersome and clunky. Even now, the Library announces that it is “continuing to experience major technology outage as a result of a cyber-attack.” While buildings were “open as usual”, the attack was “still affecting our website, online systems and services, as well as some onsite services.”

Britain is a country that has seen a monstrous neglect in basic services for years. Libraries have been closed, the civic worth of the country depleted. The self-harming advent of Brexit and the cessation of European Union funding added even more lashings of gloom. In the midst of creaky decline, flaking buildings and coarsening cynicism, institutions such as the BL are reminders of Britain’s better part, to venture into, to consume with relish.

This particular gem of a library is a citadel of comfort for the reader and researcher, now sadly soiled by the devastatingly effective efforts of a group named after a centipede. The knowledge, however, is still there, made even more tantalising by difficulties in accessing it. It’s up to the custodians of the Library to ensure that access is made as easily as possible, whatever the headaches.

Dr. Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He currently lectures at RMIT University. Email: bkampmark@gmail.com

© Scoop Media