In October last year, the British Library became the victim of a major ransomware cyber-attack, the impact of which was deep and extensive. While physical access to the library wasn’t affected, online systems and services were massively disrupted, the website went down, and staff initially lost access to basic communication tools including email.
Immediate action to isolate and protect the network was undertaken, but significant damage was already done: the attackers had destroyed their route of entry and encrypted or deleted many IT systems. They also copied a significant amount of data, which they attempted to auction online and, a month later, released on the dark web.
Sir Roly Keating, CEO of The British Library, gave an informative and eye-opening speech on the library’s initial and ongoing incident response, including collaboration with NCSC, refusal to pay the ransom and ongoing challenges, as well as admitting mistakes that were made and changes that have since been implemented. Transparency and honesty have become the key messages from the lessons learned – read the full Incident Response report here.