The British Library cyber breach was an attack on the world’s knowledge

On October 29 last year, the British Library in London posted on X saying that the institution was struggling with “technical issues”. As these continued day after day, it became clearer to the library’s readers and thousands of scholars what had actually happened: the BL had fallen prey to a massive cyber attack, carried out by a criminal group that has become notorious for such things.

The BL holds something like 170mn items; essential digital archives, entire collections of texts and images and access to online learning resources were severely disrupted. Librarians and readers could no longer retrieve books, and after the BL declined to pay the ransom that had been demanded, the attackers dumped enormous quantities of employees’ personal data on to the dark web.

Six weeks later, the BL’s chief executive Roly Keating wrote in a blog post: “The people responsible for this cyber attack stand against everything that libraries represent: openness, empowerment, and access to knowledge.”

Cyber attacks on libraries, museums, public institutions and organisations of all kinds have been steadily rising. In 2021, the Boston Public Library was hit by a ransomware attack that shut down its systems for a week; the library took months to recover fully. The Toronto Public Library managed to keep its branches open after a massive cyber attack last October, but has suffered data leaks, breaches and substantial damage to its networks.

By January this year, the library — which, like the BL, refused to pay — was mostly back online. But as Toronto’s city librarian Vickery Bowles put it, speaking to Library Journal, “I think this represents an attack on the very essence of civil society.”

The butterfly effect of the BL attack in particular is staggering. While the focus has naturally been on researchers in the UK, academics, historians and scholars around the world have been severely affected too. As El País’s Rafa de Miguel reported recently, many Spanish scholars have had to change travel plans or switch to other topics of research. And in India, several writers and historians have privately expressed frustration to me at the lack of communication; since UK visits often have to be planned months in advance for scholars from non-EU countries, the inability to access records or to know when digital archives might be searchable again is a major blow.

For UK and Irish authors, the delay in Public Lending Right payments, which are administered by the BL and can bring in substantial sums, has been hard to absorb when royalties and advances are already low. Libraries make readers into writers, and their archives and quiet workspaces are often where our books take shape.

Of course, such attacks pale beside the physical destruction of archives that so often accompanies conflict. As war has ripped through Sudan, Gaza and Ukraine, one of the most painful losses alongside the appalling humanitarian toll has been the demolition of libraries and museums. Gaza’s public library has been shelled into rubble, along with the Rashad al-Shawa Cultural Centre. Pen International estimates that at least 570 libraries in Ukraine have been destroyed or severely damaged by Russian forces. And in Sudan, the library of the Mohamed Omer Bashir Centre for Sudanese Studies was consumed by fire last May, destroying centuries of historical records. In the absence of digitisation and online cataloguing, if such archives are obliterated, we forever lose part of humanity’s shared history.

The British Library is recovering, slowly — its vast catalogue is back online, though librarians are unable to add new items. But the crippling attack raises essential questions around the lack of secure systems, poor funding, communication that has seemed lacking, and insufficient clarity on the way forward. It is likely to be months before this global institution returns to business as usual.

Information security will be critical in the years ahead, as criminals grow ever more sophisticated. Still, I’m glad for the solidity of the books and manuscripts in the BL — only partly accessible for months, yes, but unharmed. If the vast repository of knowledge that the collection represents existed only in the cloud, how much more terrifying would this attack have been?

Join our online book group on Facebook at FT Books Café and subscribe to our podcast Life and Art wherever you listen