The cyber-attack against the British Library on 28 October 2023 is just one example of the growing trend in cybercrime. According to Enrico Mariconti, a lecturer in security and crime science at UCL, the attack was likely orchestrated by the Russian hacker gang known as Rhysida, who had been creeping undetected through the library’s digital networks for months before the attack took place.
Once they gained access to the library’s virtual private network (VPN), the hackers were able to make their way through various online systems, ultimately stealing close to 500,000 files containing sensitive information such as employees’ passport scans and work contracts. After the British Library refused to pay a £600,000 ransom, the hackers published the stolen data for anyone to download for free through the dark web, leaving the library’s services and systems in disarray.
This incident highlights the growing sophistication of cybercriminals, who are no longer the solo hackers of the past but rather slick, specialised crime rackets with large, well-organised teams. Groups like Rhysida offer ransomware-as-a-service, allowing anyone to contract them to target a victim of their choice. This business model has allowed cybercrime to flourish, with the attackers using high-profile attacks as advertisements to attract potential clients.
The arms race in cybercrime is also fueled by the lack of investment in cybersecurity by governments, creating open goals for potential aggressors. The environmental impact of this arms race is also a concerning factor, with the running of servers for building malware or defending against attacks resulting in significant carbon emissions.
However, implementing stronger internal borders within the internet, akin to China’s firewall, is not seen as a viable solution by experts, as it goes against the original concept of the internet as a tool for unrestricted global communication.
As cybercrime continues to evolve and pose significant threats to individuals and institutions, it’s clear that a comprehensive and coordinated effort is needed to address this growing problem. From government investment in cybersecurity to international cooperation and technological innovation, it will take a multi-faceted approach to effectively combat the future of cybercrime.