Ransomware gangs have targeted the UK state after reports emerged that the British Library successfully withstood a damaging cyberattack without succumbing to the demands of the hackers responsible for the ransomware. The library has made it clear that they did not pay any ransom to the attackers or engage with them in any way.
In a statement released as part of their review of the incident, the library emphasized, “The library has not made any payments to the criminals who carried out the attack nor is it associated with them in any way. Ransomware gangs looking to target publicly funded institutions in the future need to be aware of the UK’s national policy as outlined by the NCSC [National Cyber Security Centre], which clearly prohibits such payments.”
Public institutions around the world, including governments, hospitals, schools, and universities, are frequent targets of ransomware attacks. These attacks often involve encrypting or stealing sensitive data and demanding a ransom for its release or to restore access. Prompt ransom payments have been a common response due to insecure cybersecurity practices and the urgent need to restore operations.
The incident report from the British Library highlights that the National Cyber Security Centre is escalating efforts to combat ransomware threats despite previous government discouragement of ransom payments. The aftermath of the attack has left the library operating below capacity, with research services still incomplete months later.
While the library maintains secure copies of its digital collections, the lack of viable infrastructure for restoration has hindered the recovery process. Efforts to combat ransomware have faced challenges with Russia’s withdrawal from international cybercrime cooperation following its invasion of Ukraine.
Recent crackdowns on ransomware gangs by international law enforcement agencies have shown some success, including the seizure of equipment belonging to the Rockbit gang. However, concerns have been raised by the government’s handling of the ransomware threat, with calls for increased attention and resources to address the growing cyber-attack landscape.
Source: www.theguardian.com
