At the end of 2023, the British Library was hit by a severe cyber attack from the Rhysida group, resulting in the theft of 600 GB of data and extensive damage to the institution’s servers. The library estimated that full restoration of its services may not be completed until the end of 2024.
A recent news report underscores that the outdated IT infrastructure played a significant role in prolonging the recovery from the attack, complicating system restoration efforts and lacking support from suppliers.
The report points to a “historically complex network topology” as a key factor that allowed the attackers to gain broad access to the library’s networks and systems. Outdated systems relying on less secure data processing methods facilitated the intrusion and exfiltration of more data.
Highlighting the importance of updating infrastructure and applications to mitigate security risks, the library acknowledges that it took all feasible measures to mitigate the attack but still suffered significant damage.
The requirements for regulating library fees (Non-Print Works) from 2013 constrained the library’s budget, allocating a substantial portion to mandatory services and leaving limited funds for IT infrastructure modernization, leading to the use of outdated systems.
Following the attack, nearly all library services were severely disrupted, including access to Wi-Fi and payment terminals. While the library remained operational, many key services remained limited.
The British Library is now focusing more on adopting cloud technologies and plans to increase their usage significantly over the next 18 months. However, the report highlights concerns regarding the technical team’s workload and the potential challenges in hiring highly skilled IT professionals due to wage policies.
To overhaul the IT infrastructure, the library has revised its budget and is planning to actively upgrade systems over the next 18 months. The report also outlines key lessons learned from the incident that will guide future efforts to enhance IT security and cyber protection.