Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

What We Know About the 2023 British Library Data Breach

The British Library has released a report providing insights gained from the cyber incident that paralysed its IT systems in October last year. This occurred due to a terminal server implemented by a third party for more efficient operations within the internal IT team. A suspected combination of a phishing attack to gain credentials, lack of communication between the British Library staff and the third party responsible for setting up the server and a lack of 2-factor authentication allowed for unauthorized access to sensitive data, lateral movement within the internal network and a subsequent ransomware attack.

 

Despite ongoing effects of the ransomware attack, the institution’s website noted that online systems, services, and certain on-site facilities remain impacted for the long term.

 

The criminal group responsible exfiltrated approximately 600GB of data, including personal information of library users and staff. Following unsuccessful ransom demands, they auctioned and later dumped the data onto the dark web. Their tactics involved data encryption, system manipulation, and server destruction to impede recovery efforts and conceal their actions, significantly hindering restoration processes due to infrastructure limitations. Many of which appear to be successful as pinpointing exactly how access to the system was achieved has proven difficult.

Major software systems, including the main library services platform, cannot be reinstated due to vendor support cessation or incompatibility with the new secure infrastructure. Legacy systems and manual data transfer processes exacerbated the attack’s impact, granting attackers broader access than in a modern network design. The report emphasizes the need for future risk assessments to consider major cyber threats, integrating cybersecurity into technological rebuilding and processes, and transitioning from on-site to cloud-based systems.

The British Library anticipates continued service disruptions for several months. Progress in its recovery plan includes implementing a new reader registration process and prioritizing on-site access to digital collections. It has informed users of data release on the dark web, offering guidance from the National Cyber Security Centre and analysing compromised data.

Threats like this are often mitigated with correct implementation of ISO27001 and ITIL security standards, especially when it comes to ISO’s Operational Security and Supplier Relationships Controls.

 

Leave a Comment