Internet Archive hack signals that cultural institutions are the latest target of cybercriminals

Everything came to a standstill for Brewster Kahle when he realized the Internet Archive had been hacked earlier this month.

The Internet Archive is a vast collection of digitized print and audiovisual media based in San Francisco. Part of that archive is the Wayback Machine, a database in which more than 800 billion web pages are archived.

Kahle founded it in 1996. He told it As it happens presenter Nil Köksal that his vision was to “build the library of the next generation… so that you would have access to all of humanity’s published works.”

Earlier this month, hackers stole and leaked data from the site’s more than 31 million user accounts, including encrypted passwords and email addresses.

The Internet Archive and the Wayback Machine have been taken offline to stop further data leaks. It took more than a week for the site to be fully operational again.

“It’s just so sad,” Kahle said. “It’s great to be back in business, and millions of people can now access the site again.”

The hackers also hijacked a third-party helpdesk system that allowed them to send and respond to emails from Internet Archive users.

According to Victoria Lemieux, professor of archival sciences at the University of British Columbia, this attack reflects a worrying trend.

“Over the past year there has been a notable increase in cyber attacks targeting libraries, mostly in the public sector,” says Lemieux.

A cyber attack on the Calgary Public Library on October 11, all 22 branches were forced to close. In April, a hacker targeted libraries in British Columbia, warning that user data will be made public unless a ransom is paid. And in October 2023, hackers disrupted services and stole employee data from the Toronto Public Library.

Hackers can steal library members’ personal information for malicious purposes, such as extortion, identity theft, and selling it on the dark web.

Attack on digital cultural material

Lemieux says hackers may also be motivated by their desire to tamper with the materials of cultural institutions that shape a group or nation’s cultural identity, such as their history, art, poetry and scientific writings.

“In our geopolitical climate, we have more and more state actors behind some of these cyber attacks, and they are doing so to disrupt our institutions, create mistrust and in some cases the nefarious goal of destroying the nation’s cultural heritage. ”

Lemieux says cultural archives are also a good source for fact-checking and combating misinformation.

“(It’s) very important to… be able to go back to the original sources… and say, ‘Yes, that was what that person tweeted or that was what that person wrote, or that’s how it happened,’” Lemieux said.

Although the perpetrator and motive behind the hacking of the Internet Archive are still a mystery, Kahle has his suspicions.

“We don’t think this was a state actor attacking us, because they’re probably better, but these were experienced hackers,” Kahle said.

“There’s a lot of tension right now around the US presidential election. People are on edge and access to information is not necessarily what everyone wants to happen.”

Lemieux agreed, saying the ability to look up people’s posts on social media that have since been deleted “could be to the advantage or disadvantage of a political candidate.”

However, she said that “only a forensic analysis of the attack and determining who is behind the attack would really give us definitive insight into the motivations behind the attack.”

Why the increase in library hacking?

Lemieux says places in the GLAM sector – galleries, libraries, archives and museums – have become more susceptible to sophisticated hacking attempts. But compared to other industries, such as banks, their security infrastructure is not as robust.

“Hackers have discovered that municipalities and cultural institutions do not have the money to upgrade their infrastructure… They do not have advanced technical personnel,” she said.

“They’re ducks.”

Lemieux added that municipal library archives, like those hit by hackers in Calgary and Toronto, are managed by the city, so the libraries themselves “don’t have a lot of control over what happens from a security perspective.”

LOOK | Why hack the Calgary Public Library?:

What’s the point of hacking the Calgary Public Library?

Cybercriminals looking for bigger profits are increasingly turning to public institutions such as libraries for their next payday. The CBC’s Helen Pike speaks with experts who give context to the latest victim of a cybersecurity breach: the Calgary Public Library.

Reviled by the hackers for having a small budgetKahle says he has been working to implement new safety measures.

“We’ve really strengthened the firewalls, we’ve started doing code audits, and we’ve also added additional data storage protection to batten down the hatches,” Kahle says.

“We’re just designed for a different era. People haven’t just attacked libraries in the last 28 years.”

Protection methods

Lemieux says GLAM institutions were previously “more insulated” from cyberattacks as hackers preferred other targets, including healthcare.

“But now they have become the new target. I think we need to train all our employees in these cultural institutions to be on guard,” she said.

She emphasized the need for more cybersecurity education, training and awareness. She suggested the Canadian Center for Cybersecurity which provides resources on how to defend against, report, and recover from cyber attacks.

Lemieux also advises cultural sectors to share their experiences and pool their knowledge to better protect everyone against future attacks.

“Security is an ongoing thing and we have heightened our security,” Kahle said.

“We heard the message loud and clear and we are doing what we can.”