Library Cyber Defenses Are Falling Down

In an age where digital warfare and cyber espionage have become commonplace, institutions such as libraries and museums are locked in an asymmetrical battle against well-resourced adversaries. The massive ransomware attack on the British Library last October should be ringing alarm bells for knowledge repositories around the world.

The Rhysida ransomware group is believed to be behind the attack, where attackers stole user data and employee information. The attackers released low-resolution images of employees' passports and dumped almost 600 GB of leaked material online. The ransom demand was for 20 bitcoins, or approximately $750,000 (£600,000). The attack underscores a disturbing trend: Libraries and other knowledge resources worldwide are vulnerable to digital attacks that have effects that go beyond just data loss. The loss or manipulation of the knowledge stored within these institutions could have far-reaching implications for global history, culture, and even political landscapes.

Traditionally seen as physical sanctuaries of knowledge, institutions such as the British Library, Library of Congress in the United States, and the Bibliothèque nationale de France are increasingly transitioning their extensive collections of rare manuscripts and historical records to digital formats for preservation and broader public access. The reliance on technology for online activities, digital exhibitions, and interactive experiences using wireless networks has democratized access to knowledge and opened new avenues for cybercriminals to exploit vulnerabilities.

Digitization Brings Heightened Risks

The cyberattack on the British Museum is part of a broader trend of increased cyber threats against cultural institutions. One notable incident involved anonymous hackers accessing the personal details of donors to several hundred cultural institutions across the UK and US, including the Smithsonian Institution and the Corning Museum of Glass. This breach was executed through a third-party cloud software company and resulted in the exposure of hundreds of people's personal information. Additionally, the American Museum of Natural History and four major tourist attractions in London, including the Tate and the Natural History Museum, suffered cyber breaches, with millions of attacks recorded over three years.

The battle is even more uneven when state-sponsored entities equipped with sophisticated tools and resources are involved. These attackers are not just after financial gain but are motivated by the desire to control, manipulate, or erase historical narratives and cultural identities. In some cases, the goal is to steal intellectual property for strategic advantages.

"Public institutions, such as libraries, are rarely equipped with sufficient budget, staff, or other resources to effectively withstand the extensive and advanced attacks put forward by a variety of nation states," says Josh Chessman, a technical evangelist and former Gartner analyst.

Securing Cultural Institutions

One of the critical challenges facing these institutions is the lack of resources, both financial and technical, to adequately defend against cyber threats. While large corporations and government entities often have significant budgets for cybersecurity, libraries and museums, despite their importance, do not have the same level of funding or expertise.

“Libraries and the like cannot afford to pay what Google can pay,” notes Chessman.

Moreover, the open and public-serving nature of these institutions makes them inherently more vulnerable. They are designed to provide access to information, which can conflict with the stringent security measures needed to protect against cyberattacks.

As museums continue to adopt new technologies, experts emphasize the importance of ensuring that security measures grow and mature in line with innovation. Regular vulnerability scanning, staff training on safer remote working practices, phishing scam identification, and adherence to data protection laws are crucial steps in mitigating these risks.

The responsibility for securing these institutions also belongs to governments and other organizations. One approach could involve increased funding for cybersecurity measures, public-private partnerships to provide expertise and resources, and global cooperation to address the cross-border nature of cyber threats.