National British Library Cyberattack Claimed By Rhysida Group


The aftermath of a significant cyber assault on the UK’s largest library continues to reverberate. Weeks after the National British Library cyberattack that led the institution into a technology outage, Rhysida Ransomware has stepped forward, claiming the security incident.

Cybersecurity analyst Dominic Alvieri, on social media, shared the latest claims made by the hacker collective, including the post circulated by the group on the dark web. Dominic posted, “The National British Library cyberattack has been carried out by Rhysida Ransomware.”

The hacker group has imposed a 7-day deadline, seemingly exerting pressure on the National British Library to comply with their ransom demands.

“With just 7 days on the clock, seize the opportunity to bid on exclusive, unique and impressive data. Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner!” read the text shared by the hacker collective.

Yet, there has been no mention of the nature of the data or the information that was exposed during the National British Library cyberattack. The data is being offered for sale at a price of 20 BTC.

The Rhysida group emerged in May 2023 and utilizes a ransomware variant named Rhysida, a  sophisticated and insidious strain of malware known for its encryption tactics and data exfiltration capabilities.

National British Library cyberattack
(Source: Dominic Alvieri/LinkedIN)

The National British Library Cyberattack: What Happened?

In late October, the National British Library, esteemed for its vast collection and pivotal role in preserving knowledge, experienced a major outage, which gravely impacted services,

What initially appeared as a technical glitch swiftly escalated into a widespread disruption, impacting various services. This encompassed the impairment of online systems, including the website, along with a range of onsite services, such as public Wi-Fi, across London and Yorkshire locations.

It also affected services, including phone lines, compounding the library’s operational challenges.

Updates regarding the National British Library cyberattack continued to be posted on an official blog by the institution, along with its official X(Twitter) handle.

In a recent official update dated November 14, the institution acknowledged the occurrence of the National British Library cyberattack, confirming that it was a ransomware attack. However, no specific hacker collective was identified in the announcement.

We’re continuing to experience a major technology outage as a result of a cyber-attack, affecting our website, online systems and services, and some onsite services too. We anticipate restoring many services in the next few weeks, but some disruption may persist.”

“We have now confirmed that this was a ransomware attack, by a group known for such criminal activity. As mentioned in previous updates, we’ve taken targeted protective measures to ensure the integrity of our systems, and we’re undertaking a forensic investigation with the support of NCSC, the Metropolitan Police and cybersecurity specialists.

Restoring the services is expected to be a lengthy process, with the details of the data exposed in the ransomware attack yet to be disclosed.

The National British Library, established in 1973, is the UK’s largest library, housing over 170 million items including books, manuscripts, maps, and digital content.

Originating from the British Museum Library in 1753, it holds treasures like the Magna Carta and works by literary icons. The library serves as a hub for research and access to a vast array of global knowledge, playing a crucial role in preservation and modernizing access to information.

Following the National British Library cyberattack, the institution stands at a critical juncture, not only with the immediate fallout of the cyberattack but also with the data being exposed and sold by the hacker group.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.





Source link