Internet Archive hack a signal that cultural institutions are cyber criminals' newest target

Galleries, libraries, archives and museums lack robust cybersecurity infrastructure

Image | Hacking Photo

Caption: The rise in cyberattacks on libraries is a concerning trend, expert says. (REDPIXEL.PL / Shutterstock)

Media Audio | As It Happens : Internet Archive hack a signal that cultural institutions are cyber criminals' newest target

Open Full Embed in New Tab (external link)Loading external pages may require significantly more data usage.
Everything came to a halt for Brewster Kahle when he realized that the Internet Archive was hacked earlier this month.
The Internet Archive is an enormous collection of digitized print and audio-visual media based in San Francisco. Part of that archive is the Wayback Machine, a database that's archived over 800 billion web pages.
Kahle founded it in 1996. He told As It Happens(external link) host Nil Köksal that his vision was to "build the next generation library … so that you could have access to all the published works of humankind."
Earlier this month, hackers stole and leaked data from the site's over 31 million user accounts — including encrypted passwords and email addresses.
The Internet Archive and Wayback Machine were taken offline to stop further data breaches. It took over a week to get the site fully back up and running again.
"It's just so sad," said Kahle. "It's great to be back up, and we have millions of people now accessing the site again."

Image | Brewster Kahle

Caption: Brewster Kahle is the founder of non-profit digital library Internet Archive. (Submitted by Brewster Kahle)

The hackers also hijacked a third-party helpdesk system which allowed them to send and respond to emails from patrons of the Internet Archive.
According to Victoria Lemieux, a professor of archival science at the University of British Columbia, this attack reflects a concerning trend.
"In the past year, there has been a notable rise in cyberattacks targeting libraries, typically in the public sector," said Lemieux.
A cyberattack on the Calgary Public Library on Oct. 11 forced all of its 22 branches to shut down. In April, a hacker targeted libraries in British Columbia and warned that user data will be exposed unless a ransom was paid. And in October 2023, hackers disrupted services and stole employee data from the Toronto Public Library.
Hackers can steal the trove of library members' personal information for harmful purposes such as extortion, identity theft and selling it on the dark web.

Attack on digital cultural materials

Lemieux says hackers could also be motivated by their desire to tamper with the materials of cultural institutions that make up a group or nation's cultural identity, such as their history, art, poetry and scholarly writing.
"Increasingly, in our geopolitical climate, we have state actors who are behind some of these cyberattacks, and they do it to disrupt our institutions, to create mistrust and in some cases, the nefarious objective of destroying the cultural heritage of the nation."

Image | Victoria Lemieux

Caption: Victoria Lemieux is a professor of archival science at the University of British Columbia. (Phillip Chin)

Lemieux says cultural archives are also a good resource for fact-checking and combating misinformation.
"[It's] really important to … be able to go back to the original sources … and be able to say 'Yes, that was what that person tweeted or that was what that person wrote, or that is the way that it happened," said Lemieux.
While the culprit and motive behind the Internet Archive's hacking are still a mystery, Kahle has his suspicions.
"We don't think that this was a state actor that was attacking us, because they're probably better, but these were skilled hackers," said Kahle.
"There's a lot of tension right now around the United States presidential election. People are on edge and access to information is not necessarily what everybody wants to have happen."
Lemieux agreed, saying the ability to look up people's posts on social media that have since been deleted "could be to the advantage or disadvantage of a political candidate."
However, she said "only a forensic analysis of the attack and determining who is behind the attack would really give us definitive insight to the motivations behind the attack."

Why the rise in library hacking?

Lemieux says places in the GLAM sector — galleries, libraries, archives and museums — have become more susceptible to sophisticated hacking attempts. But compared to other sectors, like banks, their security infrastructure is not as robust.
"Hackers have figured out that municipalities and cultural institutions don't have the money to upgrade their infrastructure…. They don't have sophisticated technical staff," she said.
"They're sitting ducks."
Lemieux added that municipal library archives, like those hit by hackers in Calgary and Toronto, are run by the city so the libraries themselves "don't have much control over what happens from a security perspective."
WATCH | Why hack the Calgary Public Library?:

Media Video | What’s the point of hacking the Calgary Public Library?

Caption: Cybercriminals looking for bigger profits have increasingly turned to public institutions like libraries for their next payday. The CBC’s Helen Pike speaks to experts who give context to the latest victim of a cybersecurity breach: the Calgary Public Library.

Open Full Embed in New Tab (external link)Loading external pages may require significantly more data usage.
Taunted by the hackers for having a shoestring budget(external link), Kahle says he has worked to put in new security measures.
"We really beefed up the firewalls, we went and did code audits, we also put in extra protections for the data stores to basically batten down the hatches," said Kahle.
"We were just designed for a different era. For the last 28 years, people haven't just gone and attacked libraries."

Methods of protection

Lemieux says GLAM institutions have previously been "more insulated" from cyberattacks as hackers preferred other targets, including in the health-care sector.
"But now, they've become the new target. I think we need to be training all of our employees in these cultural institutions to be on guard," she said.
She stressed the need for greater cybersecurity education, training and awareness. She suggested the Canadian Centre for Cybersecurity(external link) which offers resources on how to defend against, report and recover from cyberattacks.
Lemieux also recommends cultural sectors to share their experiences and pool their knowledge to better protect everyone against future attacks.
"Security is a continuous thing and we have notched up our security," said Kahle.
"We heard the message, loud and clear, and we're doing what we can."