The British Library lost around £1.6m due to the cyber attack that took place in October last year, recent data has revealed, and may request government funding to upgrade its IT infrastructure.
In response to a freedom of information (FOI) request, the British Library told Civil Society that as of 31 March 2024, it had incurred £600,000 in additional costs due to the attack.
The FOI response adds: “It’s difficult to be precise on income loss directly attributable to the cyber attack; however, this is estimated at £1m. Together, the estimated loss to 31 March 2024 is £1.6m.”
In October last year, the British Library was the subject of a “cyber incident” that caused a “major technology outage”.
A spokesperson told Civil Society: “The scale and destructive impact of the attack means that the process of recovery is complex and challenging, requiring us to bring forward existing plans to renew our entire IT infrastructure.
“We’re currently in the process of scoping and costing this work and therefore cannot yet confirm the final costs associated with the attack.”
‘Significant proportion’ of funding pot to be brought forward
Earlier this year, the charity published a document highlighting the key lessons learned from the attack.
The document says it will bring forward a “significant proportion” of funds set aside to cover investment in a new cyber-secure infrastructure, legacy systems replacement and knowledge management technology in light of the attack.
It adds that a revised three-year budget, “incorporating any additional IT costs and lost income attributable to the attack”, will also be brought to the trustees for approval later in the year.
The charity told Civil Society it is “going through the process of scoping and costing its new digital infrastructure, so the decision of how much of this investment will be brought forward hasn’t yet been made”.
“As part of good financial management, the library will decide whether to approach the Department for Culture, Media and Sport for additional funding only once we have robust cost estimates and fully explored internal options to fund the recovery work, including repurposing budgets and utilising some of the reserves we have built up.”
Attack caused ‘substantial’ damage
In an update published last month, CEO Roly Keating said the cyber attack caused “substantial” damage that will be “complex and challenging to repair”, starting with the installation of a new computing infrastructure for the entire library.
“Although we’re confident that our data, digital holdings and digitised collections are safe and intact – either through back-ups or because they weren’t targeted in the attack – many of our legacy IT systems were encrypted, damaged or deleted,” he wrote.
“The sheer complexity of rebuilding these systems (or workable versions of them) has meant that for the researchers who depend on our resources the months since the attack have been deeply unsettling and frustrating – not least because of the inevitable uncertainties over the exact timetable for restoration of different library services.”
Keating said that work is underway to restore access to the library’s collections, adding that it could take months to restore some items.
It is impossible for the library to “simply switch back on” services due to the “particularly destructive nature of this attack”.
“All of these service restorations, and those to come further down the line, are dependent on the successful installation of a completely new computing infrastructure for the entire library, to replace the servers destroyed by the attackers – a major operation which began soon after the attack and will complete [in June].
“Once that’s in place, the reloading of all the library’s data can finally begin – a painstaking process which involves the sampling and checking of each dataset to ensure that no malware has been left by the attackers that could be reactivated once a file or drive is accessed.”
Related articles
