British Library Battles Ransomware Aftermath: Catalog Restoration Underway

Nearly three months after a substantial cyberattack on the British Library, its representatives have announced the commencement of restoration efforts for the main online catalog, encompassing 36 million records of books, maps, journals, and musical scores.

The cyberattack, executed by the hacker group Rhysida specializing in ransomware, occurred in late October last year. It segmented the library’s operation into ‘before’ and ‘after’ phases. In November, the library confirmed the theft and subsequent darknet sale of employee personal data by the perpetrators.

Currently, access to the online catalog is limited to a read-only mode, and the complete restoration of the national library’s services is anticipated to conclude by the end of 2024.

Lazarus Group

Sir Roly Keating, the library’s Director-General, has extended apologies to researchers reliant on access to the library’s collections, who were deprived of such access in recent months.

The restored online catalog will enable readers to search for materials, but checking the availability of publications and ordering them for reading room use will operate in a modified format. Access to many key library collections, including archives and manuscripts, will also be reinstated, though some will require personal visits to the library.

Sir Keating also noted the ongoing steps towards full-service restoration, highlighting continued collaboration with the country’s National Cyber Security Centre, police, and experts in future cyber incident prevention.

This situation vividly demonstrates that recovery from a ransomware attack can require immense human resources and time. This raises a contemplation: should the British Library have acquiesced to the ransom demanded by the culprits? Perhaps compliance might have mitigated financial, resource, and reputational damage.