Internet Archive hack a signal that cultural institutions are cyber criminals' newest target
Catherine Zhu | CBC Radio | Posted: October 23, 2024 6:52 PM | Last Updated: October 23
Galleries, libraries, archives and museums lack robust cybersecurity infrastructure
Everything came to a halt for Brewster Kahle when he realized that the Internet Archive was hacked earlier this month.
The Internet Archive is an enormous collection of digitized print and audio-visual media based in San Francisco. Part of that archive is the Wayback Machine, a database that's archived over 800 billion web pages.
Kahle founded it in 1996. He told As It Happens host Nil Köksal that his vision was to "build the next generation library … so that you could have access to all the published works of humankind."
Earlier this month, hackers stole and leaked data from the site's over 31 million user accounts — including encrypted passwords and email addresses.
The Internet Archive and Wayback Machine were taken offline to stop further data breaches. It took over a week to get the site fully back up and running again.
"It's just so sad," said Kahle. "It's great to be back up, and we have millions of people now accessing the site again."
The hackers also hijacked a third-party helpdesk system which allowed them to send and respond to emails from patrons of the Internet Archive.
According to Victoria Lemieux, a professor of archival science at the University of British Columbia, this attack reflects a concerning trend.
"In the past year, there has been a notable rise in cyberattacks targeting libraries, typically in the public sector," said Lemieux.
A cyberattack on the Calgary Public Library on Oct. 11 forced all of its 22 branches to shut down. In April, a hacker targeted libraries in British Columbia and warned that user data will be exposed unless a ransom was paid. And in October 2023, hackers disrupted services and stole employee data from the Toronto Public Library.
Hackers can steal the trove of library members' personal information for harmful purposes such as extortion, identity theft and selling it on the dark web.
Attack on digital cultural materials
Lemieux says hackers could also be motivated by their desire to tamper with the materials of cultural institutions that make up a group or nation's cultural identity, such as their history, art, poetry and scholarly writing.
"Increasingly, in our geopolitical climate, we have state actors who are behind some of these cyberattacks, and they do it to disrupt our institutions, to create mistrust and in some cases, the nefarious objective of destroying the cultural heritage of the nation."
Lemieux says cultural archives are also a good resource for fact-checking and combating misinformation.
"[It's] really important to … be able to go back to the original sources … and be able to say 'Yes, that was what that person tweeted or that was what that person wrote, or that is the way that it happened," said Lemieux.
While the culprit and motive behind the Internet Archive's hacking are still a mystery, Kahle has his suspicions.
"We don't think that this was a state actor that was attacking us, because they're probably better, but these were skilled hackers," said Kahle.
"There's a lot of tension right now around the United States presidential election. People are on edge and access to information is not necessarily what everybody wants to have happen."
Lemieux agreed, saying the ability to look up people's posts on social media that have since been deleted "could be to the advantage or disadvantage of a political candidate."
However, she said "only a forensic analysis of the attack and determining who is behind the attack would really give us definitive insight to the motivations behind the attack."
Why the rise in library hacking?
Lemieux says places in the GLAM sector — galleries, libraries, archives and museums — have become more susceptible to sophisticated hacking attempts. But compared to other sectors, like banks, their security infrastructure is not as robust.
"Hackers have figured out that municipalities and cultural institutions don't have the money to upgrade their infrastructure…. They don't have sophisticated technical staff," she said.
"They're sitting ducks."
Lemieux added that municipal library archives, like those hit by hackers in Calgary and Toronto, are run by the city so the libraries themselves "don't have much control over what happens from a security perspective."
WATCH | Why hack the Calgary Public Library?:
Taunted by the hackers for having a shoestring budget, Kahle says he has worked to put in new security measures.
"We really beefed up the firewalls, we went and did code audits, we also put in extra protections for the data stores to basically batten down the hatches," said Kahle.
"We were just designed for a different era. For the last 28 years, people haven't just gone and attacked libraries."
Methods of protection
Lemieux says GLAM institutions have previously been "more insulated" from cyberattacks as hackers preferred other targets, including in the health-care sector.
"But now, they've become the new target. I think we need to be training all of our employees in these cultural institutions to be on guard," she said.
She stressed the need for greater cybersecurity education, training and awareness. She suggested the Canadian Centre for Cybersecurity which offers resources on how to defend against, report and recover from cyberattacks.
Lemieux also recommends cultural sectors to share their experiences and pool their knowledge to better protect everyone against future attacks.
"Security is a continuous thing and we have notched up our security," said Kahle.
"We heard the message, loud and clear, and we're doing what we can."