British Library catalogues back online after ransomware attack

The British Library has restored online access to its main catalogue of nearly 40 million items on a limited basis as it continues the long and arduous process of recovering from a ransomware attack

Alex Scroxton,
Security Editor

Published: 15 Jan 2024 18:18

The British Library has successfully recovered a significant portion of its main catalogue and restored public access, two-and-a-half months after being forced to take the majority of its IT systems offline after a Rhysida ransomware attack.

One of its most important public-facing systems, the British Library’s catalogue, contains records of over 36 million printed books and journals, rare items, maps, music scores, newspapers and online content. It helps service users to locate and order collection items to its Reading Room for further study – note that users cannot borrow books from the British Library in the same way as they would from their local library.

Library chief executive Roly Keating said: “I’m pleased to confirm that, as promised before Christmas … Monday 15 January will see the return online of one of the most important datasets for researchers around the world: the main British Library catalogue, including details of our printed books, journals, maps, music scores and rare books.

“Its absence from the internet has been perhaps the single most visible impact of the criminal cyber attack which took place at the end of October last year, and I want to acknowledge how difficult this has been for all our users.”

Currently, the catalogue is not in quite the form users will be used to. Most importantly, it is currently “read only”, so although users can search for items as normal, they will have to follow a different process to check availability and order them to the Reading Room.

Additionally, Keating revealed, this week will also see users able to once again access the majority of the British Library’s special collections, including archives and manuscripts, although for now, they will have to visit its St Pancras site to consult offline versions of the requisite catalogues first.

“Taken together, these developments mean that, for the first time since the attack, the majority of physical books, archives, maps and manuscripts held in the basements at our St Pancras site will once again be discoverable and useable by our readers. Although the processes may be slower and more manual than we’ve all been used to, this is the familiar heart of the library’s offering to researchers and restores a core element of our public service. It will be good to have it back,” said Keating.

British Library cyber attack: What you need to know

In this essential guide, Computer Weekly investigates the cyber attack on the British Library that
has rendered IT systems inoperable and caused service disruption to thousands of users.

The cyber attack on the British Library that unfolded in October 2023 has caused significant disruption to many of the institution’s services, forcing it to suspend inter-library loans and payments made to authors when their works are borrowed from public libraries.

It anticipates that it will be able to restore more services in the coming weeks, but has warned that some services may be disrupted for months to come.

The attack also saw a significant amount of user data leaked by the Rhysida cyber crime gang, although no financial information is believed to have been compromised. The British Library has contacted those affected by this leak.

Investigations into the attack, assisted by the Metropolitan Police and the National Cyber Security Centre (NCSC), are ongoing.

Acknowledging that much work remains to be done to recover the British Library’s full breadth of services, Keating said he was keen to hear from users and the wider research community to ensure their needs are accounted for.

“It’s also important, as we enter this crucial new phase of recovery, to say that we are sorry that for the past two months researchers who rely for their studies, and in some cases their livelihoods, on access to the library’s collections have been deprived of it. And we are sorry that for all our efforts we were not able to protect some personal data belonging to our users and our staff from being leaked by these hackers…. It has been a sobering couple of months for all of us,” he said.

Premature cost analysis

In a lengthy statement, Keating also countered reports last week that the cost of the incident could approach £7m – a significant tranche of the British Library’s unallocated cash reserves. He characterised this assessment as “premature”.

A British Library spokesperson told Computer Weekly last week that the final costs of recovery were unconfirmed, but that the organisation was working closely with its government sponsor, the Department for Culture, Media and Sport (DCMS).

“We remain in close and regular contact with … DCMS and will work with them to ensure that our recovery takes place on a secure and financially sustainable basis,” said Keating.

One result of the cyber attack that is locked in, however, is an enhanced focus on the digital transformation efforts that form part of the British Library’s Knowledge Matters 2030 strategic vision, launched in May 2023.

At the time of the initial Rhysida attack, the organisation had been ramping up a significant round of fresh investment in its core technology infrastructure, and according to Keating, this work will be accelerated to ensure that the British Library’s IT estate is stronger and better able to withstand cyber threats.

Read more on Data breach incident management and recovery

British Library cyber attack explained: What you need to know