The Internet Archive, a nonprofit digital library website, has finally started to recover from a data breach and series of distributed denial-of-service (DDoS) attacks that caused its systems to go offline for a week. Founded in 1996 by Brewster Kahle, the archive provides users with free access to a vast collection of historical web content through the Wayback Machine, which includes over 150 billion webpages, close to 250,000 movies, 500,000 audio items, and more.
The disruption occurred on October 9 when hackers managed to steal and leak the account details of an estimated 31 million users, resulting in a temporary shutdown of the Internet Archive site. Users were met with a pop-up message that indicated the security breach and directed them to the “Have I Been Pwned” site to check if their information had been compromised in the breach.
As a precautionary measure, the Internet Archive went offline to prevent further attacks from occurring. Brewster Kahle, the founder, took to social media platforms to inform users that the restoration process would take several days, if not weeks, to complete. He also mentioned that the Wayback Machine had resumed operation in a limited capacity, allowing users to view archived content in read-only mode.
Recent updates from Kahle indicate that the Wayback Machine is now fully operational, but efforts are still ongoing to ensure the safety of other Internet Archive services and items. Netscout, a cybersecurity firm that analyzed the breach, revealed that they had observed 24 DDoS attacks targeting the Autonomous System Number (ASN) 7941, which is associated with the Internet Archive project. The initial attack lasted for more than three hours, and during the assault, three IP addresses linked to the Internet Archive received DDoS traffic.
According to Netscout researchers, these types of attacks can serve as motivation for adversaries to launch similar attacks in the future. Bruno Kurtic, co-founder and CEO of Bedrock Security, expressed his view that breaches of this nature may be unavoidable, highlighting the importance of proactive data security measures such as policy management, encryption, and continuous monitoring to safeguard against potential threats.
In conclusion, the Internet Archive has made significant progress in recovering from the recent data breach and DDoS attacks. While the incident highlighted vulnerabilities in their systems, the organization is taking steps to enhance their security measures and protect user data moving forward. As cyber threats continue to evolve, it is crucial for organizations to prioritize data security and implement robust defense mechanisms to mitigate potential risks.