Internet Archive hacks signal that cultural institutions are new target for cybercriminals

Everything came to a halt for Brewster Kahle when he realized the Internet Archive had been hacked earlier this month.

The Internet Archive is a massive collection of digitized print and broadcast media based in San Francisco. Part of this archive is the Wayback Machine, a database that has archived more than 800 billion web pages.

Kahle founded it in 1996. He said As it happens host Nil Köksal said his vision was to “build the next generation library…so you can have access to all of humanity’s published works.”

Earlier this month, hackers stole and leaked data from more than 31 million of the site’s user accounts, including encrypted passwords and email addresses.

Internet Archive and Wayback Machine have been taken offline to stop further data breaches. It took over a week to get the site fully operational again.

“It’s so sad,” Kahle said. “It’s great to be back, and millions of people are accessing the site again.”

The hackers also hijacked a third-party help desk system that allowed them to send and respond to emails from Internet Archive users.

According to Victoria Lemieux, professor of archival studies at the University of British Columbia, this attack reflects a worrying trend.

“Over the past year, there has been a notable increase in cyberattacks targeting libraries, typically those in the public sector,” Lemieux said.

A Cyberattack on Calgary Public Library on October 11, its 22 branches were closed. In April, a hacker targeted libraries in British Columbia and warned that user data would be exposed unless a ransom was paid. And in October 2023, hackers disrupted services and stole employee data. from the Toronto Public Library.

Hackers can steal library members’ wealth of personal information for nefarious purposes such as extortion, identity theft, and sell it on the dark web.

Attack on digital cultural documents

Lemieux says hackers might also be motivated by their desire to falsify the records of cultural institutions that constitute the cultural identity of a group or nation, such as their history, art, poetry and scholarly writings.

“Increasingly, in our geopolitical climate, state actors are behind some of these cyberattacks, and they do so to disrupt our institutions, create distrust, and in some cases, achieve the nefarious goal of destroying the cultural heritage of the nation. »

Lemieux says cultural archives are also a good resource for fact-checking and combatting misinformation.

“(It’s) really important to… be able to go back to the original sources… and be able to say ‘Yes, this is what this person tweeted or this is what they wrote, or this ‘That’s how it happened,'” Lemieux said.

Although the culprit and motive for the Internet Archive hack remain a mystery, Kahle has her suspicions.

“We don’t think it was a state actor attacking us, because they’re probably better, but they were skilled hackers,” Kahle said.

“There is a lot of tension right now around the presidential election in the United States. People are nervous and access to information is not necessarily what everyone wants.”

Lemieux agrees, saying the ability to search social media posts that have since been deleted “could be to a political candidate’s advantage or disadvantage.”

However, she added, “only a forensic analysis of the attack and determining who is behind the attack would really give us definitive insight into the motivations behind the attack.”

Why this increase in library piracy?

Lemieux says venues in the GLAM sector – galleries, libraries, archives and museums – have become more vulnerable to sophisticated hacking attempts. But compared to other industries, like banks, their security infrastructure is not as robust.

“Hackers have understood that municipalities and cultural institutions do not have the money to modernize their infrastructure…. They do not have sophisticated technical staff,” she said.

“They’re easy targets.”

Lemieux added that municipal library archives, like those attacked by hackers in Calgary and Toronto, are managed by the city, so the libraries themselves “don’t have a lot of control over what happens from a security point of view.

WATCH | Why hack the Calgary Public Library? :

What’s the point of hacking the Calgary Public Library?

Cybercriminals looking for bigger profits are increasingly turning to public institutions like libraries to get their next paycheck. CBC’s Helen Pike speaks with experts who provide context for the latest victim of a cybersecurity breach: the Calgary Public Library.

Mocked by hackers for having a restricted budgetKahle says he has worked to put new safety measures in place.

“We’ve really hardened the firewalls, we’ve done code audits, we’ve also put in additional protections for the data stores to batten down the hatches,” Kahle said.

“We were just designed for a different time. Over the last 28 years, people haven’t just attacked libraries.”

Protection methods

Lemieux says GLAM institutions were previously “more protected” against cyberattacks, with hackers preferring other targets, particularly in the healthcare sector.

“But now they have become the new target. I think we need to train all our employees at these cultural institutions to be on guard,” she said.

She highlighted the need for increased cybersecurity education, training and awareness. She suggested the Canadian Center for Cyber ​​Security which offers resources on how to defend, report, and recover from cyberattacks.

Lemieux also recommends that cultural sectors share their experiences and pool their knowledge to better protect everyone against future attacks.

“Security is an ongoing thing and we have increased our security,” Kahle said.

“We heard the message loud and clear and we are doing what we can.”