Ransomware Makes the British Library Nearly Inaccessible – IOTW Report

Ransomware Makes the British Library Nearly Inaccessible

public books

On Halloween, 2023, the British Library suffered a massive cyberattack, which rendered its web presence nonexistent, its collections access disabled, and even its wifi fried. Moreover, the cyberattack also swept the personal data of the British Library’s humans—its users, but, far more extensively, its staff—into the hands of an outside party. During the final week of November, images of the stolen data were presented for auction on the dark web, for sale to whoever’s willing to pay 20 bitcoin, or about £600,000. By making the library’s digital infrastructure into a commodity (in an open, albeit dark, market), a “ransomware gang” calling itself Rhysida hopes to pressure the British Library to pay up first. More

9 Comments on Ransomware Makes the British Library Nearly Inaccessible

  1. Of course they blame Russia even while stating not knowing who did it. I mean, who else could they possibly blame?

    Having data locked because of ransomware especially in a large company is inexcusable. Modern file systems like ZFS allow snapshots and those snapshots can be stored anywhere and taken at any time. It’s as easy as clicking “restore” and all your files are now unlocked and restored at a point before the ransomware was activated.

    Of course this does nothing for stolen data to be leaked, but it at least allows you to not be held ransom without your data. Had the British library used basic modern filesystem technology properly they wouldn’t be dealing with this on two fronts. They need to take responsibility for not protecting data, now the price starts at 20 bitcoin to get their shit back. Cry harder. Heck, even I use ZFS and my data ain’t worth diddly.

    8
  2. Will the Manuscripts the British Empire had stolen from subjucated and ruled colonies, protectorates, countries and other territories be returned??

    The empire’s first acquisition started in the 16th century. Over time many artifacts and manuscripts were taken world-wide.

    By the end of the 19th century, the British Empire comprised nearly one-quarter of the world’s land surface and more than one-quarter of its total population.

    The last significant British colony, Hong Kong, was returned to Chinese sovereignty in 1997. By then, virtually nothing remained of the British Empire.

    What hidden manuscripts, journals and artifacts will be uncovered?

    3
  3. Ransomeware infections usually occur from stupid human behavior, and since there’s no limit to that, you can’t definitively stop it.

    And as for backups, well, depending on the architecture and what the malware action is, your backup may be compromised as well.

    We had one several years ago that was called EVIL because it appended a .EVIL suffix on files that weren’t critical for computer operation. It left the computer grossly operable so it could helpfully tell you
    where and how to send money that would probably NOT result in your computer being cleansed, but they certainly hope you try.

    This was on a critical “tool” system filled with years of regulatory logs and also pivotal in actual machine operations. The details don’t matter but suffice to say we could not operate without it.

    Because this was so sensitive I did insist on it having an “Air Gap” firewall, meaning it was not to have any physical connection to the wider world. Unfortunately, our R&D folks insisted on a remote connection so they could review files without physically sitting in the room, and our retarded IT person at the time thought the Internet was an answer to that, as it was supposed to be secured by a number of protocols from anyone accessing it from the outside, and so it was.

    But the connection was a two-way street, so some idiot used it from inside to surf porn and gave us ALL an infection.

    The system DID have a backup, automated daily, to an external IT department rack-mounted hard drive, so that’s nice. Unfortunately, the action of the malware was such that it followed connections to EVERY MAPPED DRIVE and infected THOSE too. So now we have a main system AND a backup file both sporting a .EVIL suffix and completely inaccessible.

    Happily, I also kept an entire backup controller spun up and had last updated it from the main host about a month previously (I wasn’t more current than that because it was SUPPOSED to have an accessible daily backup),
    and between data that I and the R&D guy had previously pulled for unrelated reasons, we ended up losing about a week’s worth of trend data. Because the system produced hard copy reports as it ran and also because
    I had the backup spun up, our primary loss was a shift of production (because it happened on overnight shift, that’s when the playbabies are basically unsupervised) and some unpleasantness with regulators and extra work for me.

    But it could have been much, much worse. I could have ended the company.

    …we yanked R&Ds remote connection, fired the guy who was playing around with the porn, and I started keeping backups on an offline device that is ONLY connected while archiving is in progress. Lesson learned,
    nicht wahr? Until the next time someone does something stupid…

    …people can be unbelievably dumb, and stupidly persistent about some things. Every. Single. Computer. on the floor WILL have people on overnight shifts TRY to get to porn on it when they’re bored, regardless of if it has any possible connection to the Internet or not. I learned early on to lock down the communication settings because people new juuuuust enough to wreck them if you left the ETHERNET opened, and that only
    got worse with WiFi and Bluetooth. There was one time that we had a production logging system (not mine, managed by IT) that the day shift lead (a woman) opened one morning to have a splayed-out young woman showing her all, with the Cyrillic text suggesting that it may have been one or both of our two Russian overnight operators as most English speakers couldn’t navigate there in the first place.

    And there was another one, further back, called the ILOVEYOU virus because you had to be stupid enough to open an email that said I LOVE YOU on your BUSINESS system from an UNKNOWN address to infect everything.

    …so, of COURSE someone opened it immediately and goobered up the Email system (again, not mine).

    You can’t cap all the vulnerability, and you CERTAINLY can’t stop people from being stupid. All you can do is back up as well as you can, keep everything disconnected to the greatest extent possible,
    and be prepared for the complete loss of EVERY system.

    …this doesn’t even START to get into EMPLOYEES who attack your system ON PURPOSE from within, but that’s a different subject for another day…

    4
  4. Harry Eyeball MONDAY, 18 DECEMBER 2023, 9:31 AT 9:31 AM
    “Does the ransomware prevent the books from being taken off the shelves???

    Oh that’s right, the homeless don’t read.”

    …I think what EVERY nation is trying to do is to “digitize” EVERY founding document, EVERY legal text, EVERY writing of EVERY person involved in creating and controlling Governments as they are now…and then DESTROY THE ORGINALS.

    THAT way, they can change the ELECTRONIC ones ANY TIME THEY WANT TO, and gaslight everyone into thinking they just don’t remember it correctly, and ALL the “evidence” will be ON THEIR SIDE.

    This will be a new Dark Ages. Future historians, if any, will have no record of our times as little will survive and what DOES survive will be in an unknown to them file format and so inaccessible.

    Just the way our self-appointed masters WANT it.

    “Every record has been destroyed or falsified, every book has been re-written, every picture has been re-painted, every statue and street and building has been re-named, every date has been altered. And that process is continuing day by day and minute by minute. History has stopped. Nothing exists except an endless present in which the Party is always right.”
    ― George Orwell

    5

Comments are closed.