Library Hacking

07 Oct 2024

Bookworms Beware: Hackers Launch Cyberattacks On Libraries Globally

Sausalito, Calif. – May 15, 2024

Taylor Fox spent five years working at libraries before joining Cybercrime Magazine as a media coordinator. The former page and clerk dug up some interesting market data on a disturbing trend that is affecting bookworms across the world: Our libraries are under cyberattack. ReadMore

Bookworms Beware: Hackers Launch Cyberattacks On Libraries Globally https://t.co/mI9aMPS0n0 @NASAJPL is @TedRossLA working ... this is common news and @caltech is blocked I cannot help you @MarsCuriosity / @NASAPersevere with mapping bc my @Caltech portal to @NASAMars=#BLOCKED pic.twitter.com/A2kicc9dvU

— ricoThaka (@RicoThaka) October 7, 2024

British Library cyberattack

In October 2023 Rhysida, a hacker group, attacked the online information systems of the British Library. They demanded a ransom of 20 bitcoin, at the time around £596,000, to restore services and return the stolen data. When the British Library did not acquiesce to the attempt, Rhysida publicly released approximately 600GB of leaked material online.

== Attack methods ==

The Library stated that the attackers probably used a [[phishing]], [[spear-phishing]] or [[brute-force attack]] facilitated by a compromise of third-party credentials as well as a lack of use of multi-factor authentication by the library. After gaining access, Rhysida used three methods to identify and copy the 600GB of documents during the attack, including personal details of Library users and staff. These were:

• A targeted attack that copied full sections of [[Network drive

  network drives]] of the Library’s Finance, Technology and People teams, which made up 60% of all content copied.

• A [[keyword attack]] which scanned for files and folders that used sensitive keywords in their names, including ‘passport’ or ‘confidential’, which constituted 40% of the copied data and included files from [[Corporate network

  corporate networks]] and personal drives used by staff.

• A hijacking of native utilities, which were than used to forcibly create backup copies of 22 databases of data including contact details of external users and customers.

Furthermore, Rhysida and its affiliates destroyed servers to inhibit system recovery and [[Forensic science

forensic analysis]].

https://en.wikipedia.org/wiki/British_Library_cyberattack

[BacK](./)