The British National Library is paralyzed by a crypto virus. An attempt was made to sell data on the dark web.

On Halloween, the English National Library was subjected to a computer attack. Information about users is provided on the dark web. British media are speculating whether JK Rowling’s private address has been leaked.

The British Library is exposed to what is called Cryptographic virus attackCryptographic virus attackCybercriminals encrypt an organization’s data so that the organization loses access to it. They usually need money to make the data available again. Also known as ransomware and ransomware.. Criminal hackers first infect computers with malware. These encrypt and lock a lot of data in the affected organization. The blackmailers then demand a ransom to make the data available again.

There are strong suspicions that the criminals behind the attack are linked to Russia or the countries of the former Soviet Union.

The National Library is also exposed to something that has become more common in recent years: double extortion. When they don’t want to pay to unlock data, criminals threaten to sell the information they’ve stolen.

A group calling itself Reseda says it is behind the attack. The Federal Bureau of Investigation (FBI) and two central data security units in the United States created a file NB About the group.

The group appears to attack specifically over internal VPN connections. These are solutions that are used for employees to access the organization’s internal network when they are not present in the office. The recommended solution to prevent hacking is to turn on forced two-factor authentication when using such solutions.

The Guardian spoke to Ravi Billing, a British security expert who thinks so High probability that the group is from RussiaOr the Commonwealth of Independent States (which is Russia and several former Soviet republics).

Auctioning user information

In mid-November, Reseda Group issued a request for money. He points out that the National Library refused to pay the ransom to restore the computer systems.

The criminals went to a new step. They posted low-resolution images of information about users in the library. They displayed the stolen information on a website on the dark web. The opening bid was 20 bitcoins – about 8 million Norwegian kroner at the exchange rate at the time. It is not known whether anyone has purchased the data.

Books, so to speak, are inaccessible

It’s easy to think that a data attack might not be that serious. Historical books and documents in the British National Library still exist. But in reality the institution is paralyzed. When digital systems break down, it becomes impossible to find a manuscript.

The old library catalog with lots of drawers and a small card for each work has long been replaced by digital catalogs. There is also a full overview of where various books and other works are physically located. So, it’s not just a matter of going to the shelf and picking up a book.

In addition, a large number of documents that were once available digitally are of course now gone. The library’s website is still down.

Authors’ own information on the road

The Telegraph wrote that they had seen an email sent from the National Library to the authors. Information about the authors Those who signed a deal that gave them money in exchange for lending books in UK libraries were copied and stolen. Internal databases containing the names, postal addresses and email addresses of many users were stolen.

The Telegraph speculates whether this also applies to author JK Rowling’s special title. The best-selling Harry Potter author has become a controversial figure in recent years. She has made statements about gender identity that, among other things, have upset many transgender activists.

She was forced to call the police in 2021, after three activists posted photos of themselves standing outside her home. The pictures showed parts of street names and numbers.

There are also likely many best-selling authors who are concerned about their privacy after this leak.