Four key takeaways for industrial companies from British Library cyberattack

April 9, 2024


TLDR:

  • Legacy systems pose cybersecurity risks and slow down incident recovery.
  • Network segmentation is crucial to limiting the damage caused by cyberattacks.
  • Skill shortages highlight the need to automate tasks and prioritize risks and vulnerabilities.
  • Senior management and boards should take ownership of cybersecurity to prevent attacks.

While cyberattacks occur daily, the attack on the British Library in October 2023 highlighted key lessons that industrial companies can draw on. The attack, carried out by the Rhysida ransomware gang, was facilitated by compromised employee credentials used over the VPN. The Library's report detailing the attack offers insights applicable to the wider industry.

The report emphasized the risks posed by legacy systems, noting that complex and outdated software contributed to the severity of the attack and hindered recovery efforts. This highlights the importance of auditing and updating systems according to their risks and vulnerabilities, rather than relying on obscurity for security.

Additionally, network segmentation was identified as a critical mitigation to limit the damage from cyberattacks. Poor network segmentation gave the attackers wider access and prolonged the disruption, making companies more susceptible to ransom demands. A multi-layered approach to segregating networks can help contain such incidents.

The cyberattack also shed light on the need to address skill shortages in IT teams. Automating manual tasks can free up IT professionals to focus on critical areas such as vulnerability detection and risk assessment. By prioritizing risks and investing in automation, companies can better prepare for and respond to cyber threats.

Lastly, the report emphasized the role of senior management and boards in cybersecurity. It recommended that all senior officers and board members have a clear understanding of cyber risks and invest strategically in defenses. Senior leadership should regularly discuss current risks and mitigation strategies, and recruiting board members with cyber expertise is advised.
