Rhysida claims it hacked the British Library


Ransomware gang Rhysida has claimed responsibility for a cyberattack launched against the British Library last month and launched an auction for the data it alleges it has stolen on its victim blog. The organisation added that the sale will conclude by 27 November with bids opening at 20 Bitcoin, equivalent to £591,000 at the time of writing. This announcement was accompanied by an image showing a selection of the data stolen during its alleged hack, according to The Register, including employment documents and several passport scans. 

Eduardo Paolozzi’s sculpture of Isaac Newton outside the British Library. Last month the institution was victim to a ransomware attack that crippled most of its online services. (Photo by Lucian Milasan / Shutterstock)

The claim follows a devastating cyberattack against the British Library in October that crippled most of its online services. The outage took both the institution’s website, public WiFi and card payment services offline, in addition to its online ordering system (the gift shop, however, remains inviolate.) Since the attack, the British Library has resorted to updating the public using its X (formerly Twitter) account. A recent post confirmed that the outage had been caused by a ransomware attack. As such, the post continued, “we’ve taken targeted protective measures to ensure the integrity of our systems and we’re undertaking a forensic investigation with the support of NCSC, the Metropolitan Police and cybersecurity specialists.”

Since the attack, many researchers have seen their projects slowed or halted. One London-based historian told The Telegraph that it was now impossible to order items from the British Library’s satellite book depository in West Yorkshire. “It’s possible to get some books, but everything has to be done by hand,” said Elizabeth Prochaska. “Only certain types of books can be ordered – ones that are here.”

Wrong sid’a Rhysida

Rhysida was first documented by security researchers in May when it claimed to have hacked the Chilean Army. Operating according to a ‘ransomware-as-a-service’ model, the gang leases the use of its ransomware software to other criminals for a fee. After being deployed via phishing attacks, this malware not only locks its victims’ systems but also exfiltrates sensitive data. Access to both is then ransomed. Rhysida’s previous victims also reportedly include the Portuguese city of Gondomar, an operator of 16 US hospitals, and the University of the West of Scotland

Precisely why Rhysida targeted the British Library remains unknown (the institution did not respond to a request for comment from Tech Monitor.) The fact that the gang has begun an auction of the data it allegedly stole from the institution has indicated to some cybersecurity experts that ransom negotiations between the two have broken down. “Rhysida are likely to have not been paid the ransom they have finally demanded and are now pushing out the next phase of the attack by threatening [the] release of data,” ESET’s global cybersecurity advisor Jake Moore told The Register.

A more unusual version of this brinkmanship occurred last week, when the ransomware group BlackCat reported one of its victims to the US Securities and Exchange Commission – though, as a public body funded by the UK government, which is opposed to ransomware payments, a ransom payment from teh British Library may always have been unlikely. 

Content from our partners
Collaboration along the entire F&B supply chain can optimise and enhance business

Inside ransomware's hidden costs

The future of data-driven enterprises is transforming data centre requirements

Share post:


More like this

Ross Matthews Named UK’s New Ambassador to Chad

Mr Ross Matthews has been appointed His Majesty's...

‘He Isn’t Suited To International Cricket’: Hasaranga Launches Brutal Attack On Umpire After Huge No-Ball Saga

Wanindu Hasaranga (Source: AFP)Sri Lanka T20 captain Wanindu Hasaranga...

UK air-drops life-saving aid into Gaza for first time amid Israeli blockade

For free real time breaking news alerts sent straight...