A lethal cyber attack has rocked the revered British Library, leaving its IT systems crippled for weeks. The brazen ransomware gang, known as the Rhysida group, has claimed responsibility for the attack, demanding a hefty sum of 20 Bitcoin, equivalent to approximately £602,500, for the return of stolen sensitive data, including employee passport scans and financial records.
Data Held for Ransom
The perpetrators, via the dark web, have flaunted censored glimpses of the acquired data, showcasing passport photos and HMRC records. Shockingly, the group intends to auction this sensitive information to the highest bidder, further escalating the gravity of the breach.
Impact on British Library and Services
The repercussions of this cyber onslaught have been profound, halting the functioning of the British Library’s IT infrastructure. The encryption of vital files has disabled access to their systems, paralyzing essential operations. Consequently, the library’s website, online systems, and book ordering services have been rendered inactive. Onsite transactions are now limited to cash-only, and public Wi-Fi access has been disabled.
Library’s Response and Ongoing Investigation
Addressing the dire situation, the British Library issued a statement via their official channels, acknowledging the attack’s impact on their services. While they expect to reinstate most services in the coming weeks, some disruptions might persist longer. They reassured users, stating no evidence suggests user data compromise but advised precautionary password changes for those sharing login details.
Collaborative Efforts in Investigation
In collaboration with cybersecurity experts, including the National Cyber Security Centre (NCSC), the Metropolitan Police, and specialized security teams, the library continues its investigation to restore systems’ integrity. The library expressed gratitude for the patience and support from users and partners during this challenging period.
We’re continuing to experience a major technology outage as a result of a cyber-attack, affecting our website, online systems and services, and some onsite services too. We anticipate restoring many services in the next few weeks, but some disruption may persist for longer.… pic.twitter.com/Wdj7VfkWXa
— British Library (@britishlibrary) November 20, 2023
Rhysida Group’s History and Notable Victims
Rhysida, notorious for their aggressive ransomware tactics, has a history of targeting various entities worldwide. Prior victims of their malicious activities include the University of the West of Scotland, the Chilean army, the city of Gondomar in Portugal, and operators of 16 US hospitals.
Rhysida and Vice Society Connection
Additionally, Rhysida has ties to another hacking collective known as the Vice Society, labeled as one of the most active and aggressive ransomware groups, as highlighted by Check Point Research.
ALSO READ: Banking Security Alert: Finance Ministry Calls for Cyber Review Post UCO Bank’s Rs 820 Crore Glitch
Sir Roly Keating, the chief executive of the British Library, expressed immense gratitude for the support amidst this tumultuous period and emphasized the ongoing efforts to recover and fortify their systems.
This recent breach exemplifies the increasingly prevalent threat of cyber attacks targeting institutions globally, highlighting the urgency for robust security measures to safeguard against such malicious incursions.