Security experts are concerned about the vulnerability in the public sector IT infrastructure, especially at a moment when state-sponsored foreign hackers are on the increase.
The British Library, which is one of the largest document repositories in the world, confirmed to us this week that they had suffered a major outage due to a malware attack. The British Library first reported technical problems on October 28.
Cyber-intelligence experts warn that the incident highlights the under-investment by the government in cyber resilience, especially in critical infrastructure like schools, hospitals, and local authorities.
Jamie MacColl is a researcher at the Royal United Services Institute, which said that hackers are aiming for low-hanging fruits. “No matter how much money the government spends on cyber resilience, these hackers are still a threat. . . Cabinet Office was asked for comment.
Hacking group Rhysida claimed responsibility for Monday’s breach, launching a seven-day online auction of stolen data.
The hackers posted a low-resolution image of British Library employee passports on the dark Web and then opened bidding at 20 bitcoins, which is equivalent to nearly £600,000.
The British Library is a public non-departmental body in London, sponsored by the Department for Digital, Culture, Media and Sport. Rhysida, unlike other ransomware, has targeted vital infrastructure, including schools, hospitals, and government agencies.
Kyle Walter, the head of research for Logically’s anti-misinformation division, said that as these organisations are increasingly threatened by ransomware attacks there is a possibility that state actors will also take advantage of the fallout.
According to US intelligence services, Rhysida was first brought to the attention of authorities in May. The group is connected to Vice Society, an organization with Russian connections that targeted US healthcare facilities in the Covid-19 pandemic.
Last week, the National Cyber Security Centre, a UK government agency warned that cyber threats to IT infrastructure were “enduring and substantial” following an increase in attacks by organisations which it claimed were sympathetic to Russia’s invasion of Ukraine.
According to the Information Commissioner’s Office, there were 1,420 incidents reported of malware, ransomware, and phishing targeting public entities in the first half 2023. The Information Commissioner’s Office reported an increase of 855 incidents compared to the same period in 2018.
The NCSC warns targets of cyber attacks not to pay ransoms, but to rely instead on backups and expensive efforts to recover data.
The Department of Health and Social Care, which oversees the NHS, spent approximately £73mn in 2017 to recover the data that was stolen by the ransomware group WannaCry.
One of the most important things about infrastructure at the edge is that many systems use legacy software. This was one of the reasons that WannaCry became so popular, said Vasileios Karagiannopoulos a cyber security research at the University of Portsmouth.
Sir Roly Keating said the British Library was still assessing “the impact of this criminal assault” and trying to find a way to restore “our online systems”.
The DCMS and NCSC have said that they are working with the British Library in order to determine the impact of recent attacks.
The UK government has allocated £2.6bn to replace legacy IT systems and improve cyber security by 2021. The National Protective Security Authority was launched this year as part of MI5 to help businesses and organizations. It formed the NCSC back in 2016.