Adrian Johnson
TLDR:
- The British Library is recovering from a cyber attack and is seeking security contractors.
- They are looking for a partner to deliver the first phase of their Web Foundations project.
The British Library is still in the process of recovering from a devastating ransomware attack in October 2023. They are now issuing a £400,000 tender seeking security contractors to help rebuild their infrastructure. The attack forced the institution to revert to a pre-digital state, abandoning many IT systems. The library is seeking a partner to deliver the first phase of its Web Foundations project, aiming to replace the current interim website with a more robust, scalable, sustainable, and secure platform. The attack significantly hindered the library’s digital transformation initiative, the Web Discovery project, launched in 2022.
The library was targeted by the Rhysida ransomware gang, which auctioned nearly 500,000 files of data after the attack. The leaked data, primarily from human resources files, was made available on the dark web when the library refused to pay the ransom. The institution committed to allocating around 40% of its financial reserves to recover from the incident.
In a post-mortem analysis, the library identified its complex legacy IT infrastructure as a factor that delayed recovery efforts. Legacy systems are hindering recovery, and the library needs to migrate to new versions or rebuild some systems entirely. Core services like remote ordering and online resources are slowly returning almost a year after the attack. The chief executive emphasized the disruption that cyber attacks can cause, not only in rebuilding systems but also ensuring the network is free from malware.
This ongoing recovery process highlights the importance of cybersecurity and the challenges organizations face in rebuilding after a cyber attack.
