Tag: Technology

Cyber Security – The British Library’s cyber-attack: disruption and resilience

Published on by Seema RampersadLeave a comment

This article is kindly reproduced here with the permission from SLA’s Information Outlook Magazine, Issue: April 2024 on Information Security. Thank you to Leslie Steele for suggesting this article, and for the Editorial Board for the continuous hard work and time.

Link to full issue: https://www.flipsnack.com/6AF9F9FF8D6/spring-2024-unqt6r4f0g/full-view.html

SLA Website: https://sla.org/

On Saturday, 28th October 2023, I was the Duty Officer managing the services in the Reading Rooms, and therefore made my way to work at the British Library for the start of the day. The night before, I had sent an email from home very late and it would prove to be my last interaction with our technology for several weeks. As I arrived at work there was panic and confusion over a major technology outage, and we were not entirely sure what the full implications were at the time. The previous summer we had experienced some technology issues, and I presumed this incident was related to that problem. I couldn’t even send an email or call colleagues on the telephone using the British Library’s computers.

Thankfully with the help of my colleagues and staff, who knew how to operate without the library’s technology, communicated with me via their smartphones on how we could resume service and open our Reading Rooms despite this challenge. With our website down, we were able to only communicate with our customers and readers verbally or via X (Formerly Twitter). The Wi-Fi was also down so it really was back to basics. The rest of the day passed without a lot of complaints, but I was on edge until we closed as I would have had to deal with any issues without having the answers for the technology problems. At least our readers were physically safe whilst I was on duty. However, I knew this would be an ongoing crisis for my colleagues returning to work on Monday and that we would have to be prepared for the days ahead.

It wasn’t until the third day without technology that we heard from our Gold Leadership Team that this was in fact a ransomware cyber-attack and we were unlikely to get back to normal for not weeks, but months. The initial disruption in hardware and software continued for weeks with no access to the British Library website or intranet. Our personal and customer computers were taken away to be fixed and new software and security updates were installed on our British Library assigned laptops. We had to go into crisis communication mode for those early weeks with staff and teams while still providing service. Some of the most used forms of communication were in-person staff briefings, email communications, and updates in the corporate Knowledge Matters blog.

The website eventually resumed in December with access to our catalogue and essential service points and information. The one most significant aspect I miss is the electronic resources for our end-users, and collection items retrieval from our site in Boston Spa. We are still a long way from pre-cyberattack content, data, and technology ability as we were so integrated; we are still unable to print from our staff profiles and while Wi-Fi access has resumed, it is in a temporary capacity compared to prior to the cyberattack. There seems to be a lot of work-arounds in our workflows and we are still apologising to customers who are unaware of the current situation. In the Business & IP Centre, we have continued to run most user services such as workshops, reference enquiries, one-to-one meetings, training, and projects, but we still miss our end-user access to electronic resources and databases.

As the cyberattack is so large-scale and the impact enormous, there has been a lot of media coverage and articles written on the attack. The media coverage made the general public aware that one of the most regarded national institutions was under threat with a ransomware attack by the group for payment within a deadline to the value of £600000 to be paid in Bitcoin. We were also aware that we had to inform staff, ex-staff, and customers of the threat of a ransomware attack especially with regards to their personal data. There were remedial measures put in place and we increased our awareness of some of the risks for data to be leaked on the dark web. Throughout this time, the British Library has been advised by the National Cyber Security Centre (NSCS) and other cybersecurity staff. In addition to being a national institution, I am sure there has been a thorough investigation and assessment on the steps that are required for recovery from the cyberattack. At the beginning of this year, staff were informed of the plan and programme for recovery as well as given an outline of what to expect in the next 18 months. It was at this briefing that the issues of the legacy systems and technology infrastructure were disclosed and the new opportunities for the library to ‘build back better’ or accelerate some of the new technological developments that were on the cards for our strategy to ‘Modernise the Library’. The Rebuild and Renew Programme was launched with more clarity on some of the work that the library implemented in time to build back better prior to the cyberattack.

The Chief Executive Officer, Roly Keating, has always been very vocal on the impact on our services, access to the collection, discovery, research, and the whole mission for sharing the world’s knowledge held in the British Library. There is a great blog post on the impact entitled Knowledge Under Attack. I also felt annoyed that this attack had impacted one of the most open libraries in the world, and in the sharing of knowledge and information for our many customers, partners and friends! However, it did highlight a couple of our vulnerabilities: lack of infrastructure development, and lack of investing in dedicated professional staff. There are some uncomfortable readings in the review report, several learning points, and other insights on how one can protect their own investments and risk management in these areas. The review highlights “Although the security measures we had in place on 28 October 2023 were extensive and had been accredited and stress-tested, with the benefit of hindsight there is much we wish we had understood better or had prioritised differently. With that in mind, this section identifies a number of early lessons from this attack which may be helpful for others as they consider their own investments and risk management in these areas.”

As an active library and information professional, I have always been aware of information security. I also helped host some information security related events in the past for SLA Europe, and as part of the Workplace Preparedness Council when we created a template for business continuity where our research mentioned cyber security as one of the threats libraries and research organisations may encounter. One of the other review recommendations is: “practice comprehensive continuity plans: Business Continuity Plans for the total outage of all systems need to be practised regularly, in addition to those relating to individual systems and services“.

With this heightened professional upskilling with SLA and my previous employers, I had looked at the time to see if a Business Continuity Plan was public for the British Library. Due to the sensitive nature of the content, the plan is not public. However, this does not prevent local departments and services from having plans for business continuity in place.

Hopefully, more people will see the importance of these plans and workplace preparedness for crisis management. In some aspects, the cyberattack has had its own challenges for our digital access as we continue to have limited access. Compare this to the recent pandemic in 2020-2021 where we could not get to the physical building, but we still had digital access. These recent crises should warn us that we can never predict but we can certainly prepare and plan for emergencies and future online and physical challenges.

At the MLA|SLA Conference 2023, I also attended a session wherein the panellist presented on ‘Cyber-crime and Information Content’ of an attack at their university. The cyber-criminals were after personal databases, unique research, and intellectual property. It did make me sit up and listen as I realised that criminals will try to attack anyone regardless if you are a research organisation or a bank! Much more so a national institution like the British Library as I was soon to find out a few months later. Ideally, I think as information professionals and good citizens, we should try to protect ourselves and our organisations from these inevitable threats as we live digitally. I have since told my friends that this threat can happen to anyone with data breaches or security risks from our local council, national passports, banking systems, retail, etc. It is obviously terrible when these events happen in our normal lives but it should also be an opportunity for us to promote digital literacy, compliance, good information governance, and security. It makes great financial and economic sense to invest in personal and organisational information security and professionals!

Six months on from the cyberattack, we are still not back to ‘normal’ in many aspects as we await the return of hardware, a fully functioning online presence, and the rebuild of legacy infrastructure. The hardest part is having to spend extra time catching up on the things I can’t easily do whilst in the office or going the extra mile to meet with customers to discuss their research needs and how we can give content and information with these challenges. It has been exhausting at times as we are constantly in a state of change or flux and though I am used to change – we are having to implore all our change management strategies and resilience. It seems we were only just beginning to get back from the ripple effect of the pandemic and now we are getting used to new challenges in the office and library. It is not a normal day in the office.

This has brought about high levels of anxiety and new well-being challenges for staff, customers, and stakeholders as with Public Lending Rights payments. We are certainly a research organisation and the cyberattack has prevented us from doing important work and business for academics and entrepreneurs. I have recently hosted tours from three university groups and partner organisations for projects. We are showing users around virtually and in person but we are still restricted on what we can access.

There is an element of regret that this has happened to us at the British Library. I also am personally annoyed that I am slower in fulfilling my tasks, and our users might not have access to the information they require in person near or far. The 18-page review of the Cyber Attacks aims to share our lessons learnt and encourages you to also be aware of the impact that this has on us; hopefully, you too can mitigate against cyber-attack or criminality. I implore you to be conscious and proactive as an information professional in your role as custodians and curators for specialised libraries, collection management, information, research, data, knowledge, insights, and other high-value assets in your organisations. Together we can empower and enlighten each other to face these threats now and in the future. And despite the disruption and challenges with the cyberattack at the British Library there are several new opportunities to learn and grow from this experience. The insights and learning certainly can make us more aware of dangers but we can develop strength and resilience and good old-fashion knowledge from the experience. The old wise adage resonates now…every cloud has a silver lining.

Further References:

Spotlight on Women Inventors and Innovators

Published on by Seema RampersadLeave a comment

I have been meaning to write and research women inventors for a number of years for Women’s History Month in March.  There are so many interesting stories of women inventors who have been highly intelligent, practical, innovative and trailblazing as they look for solutions to problems, develop new products, simply fill a gap in the market, and so many other reasons for creating new inventions.  Having recently looked as some of the links and stories below, they have made me feel in awe of their abilities and drive to get these from idea to successful invention – some from everyday items in our life to the cutting edge of science and technology. I am also pleased to say that I found so many stories that I am unable to spotlight them all on here.  I will, however, share some of the most inspirational women inventors, and some of the context around their stories.

I had to make my own living and my own opportunity. But I made it! Don’t sit down and wait for the opportunities to come. Get up and make them.

Madame C J Walker

Firstly, there would have been women inventors from the beginning of humanity but they may not have been documented for their inventions, as well as not given the credit for the inventions they produced.  In the last few centuries, women inventors have been recorded – with some of the earliest documented are Jeanne Villepreaux Power (aquarium), Nancy Johnson (ice cream maker), Ada Lovelace (First Computer Programmer) and Marie Curie (Research and Radioactivity) many more.  Some of these from the 19th century seem to be a direct result of the industrial revolution, as well as advancement and changes in lifestyles, homes and workplaces at the time.

Geographically too there have been a good balance. There are inventions that are happening now in all parts of the world, and I was pleased to see many international sites and even came across Globalwin (Global Women Inventors and Innovators Network), which featured Mark Sheahan – who is our Inventor in Residence at the British Library.  The world is very diverse and so too the types of inventions and innovations that are developed by women – from sustainable ideas to the use of natural resources available to them.  In my day job, I still meet several women founders who are planning their business with new products that they cannot source in current markets in the UK, or are using materials they have found in other countries and/or manufactured by international communities. 

Innovation by women are changing the world. However, women remain underrepresented in international patenting. – WIPO

The World Intellectual Property Office (WIPO) has been celebrating the achievement of women inventors this month, but also highlighted some of the issues and challenges.  They have this resourceful page which states: “it is estimated that only 17.7 percent of inventors named in international patent applications were women in 2023. While numbers are rising, progress is slow”. Despite the lower numbers, there are some great case stories and the intellectual property that women inventors hold.  The case studies are international with various being developed from women across the globe on inventions or innovations ranging from solar energy, fish-skin products, beauty developments. There is still a lot to work towards filling the inventor gender gap, but there is certainly some special representative women who are doing their best to create new products and innovations across the globe.

Here are five inspirational women inventors who have been so interesting to read about:

Nancy M Johnson – Ice cream maker

Ice cream makers and equipment seems to be an invention that women were keen to develop. The Lemelson Center for the Study of Inventions and Innovations has a great blog post on Nancy M. Johnson who invented the ‘Artificial Freezer’ or ice cream maker.  It was very laborious to make ice cream in the techniques prior to her invention, and her inventions also help to save time to make a smoother more consistent ice cream. She was also one of the first women to file for a patent in her own name and not that of her Professor husband! Nancy was able to make her idea a commercial success but it was then bought by William Young who developed the ice cream maker further by making it even faster to make ice cream. The information in the blog hyperlinks to the Library of Congress’s photo in their online catalogue and short biography of her life. One thing leads to another – ice cream also need an ice cream scoop, and therefore that was another mechanical invention created Alfred F Calle.

Lisa Lindahl – Sports Bra

Lisa was a keen jogger in the 1970s, apparently running about 30 miles per week.  She realised that there was not enough support and garments for her and her friends Polly Smith and Hilda Miller who are also attributed in this link for the National Register of Inventors Hall of Fame.  What stood out for me is that she used ‘jockstraps’ support that was made of men and came up with a prototype for the jogging bra.  The rest they say is history: “When Smith sewed two jockstraps together and both Lindahl and Miller tested it on a run, they had the first workable sports bra prototype”. I have wondered about a ‘normal bra’ being developed over hundreds of years for women, but it is interesting reading about this and the photos are amusing too. I remember my colleague meeting with some female entrepreneurs over a decade ago where they were planning to create bras with better supportive straps that were more supportive for the larger busted women!

Katerine Johnson – Science Nasa Computer

There are quite a few women of colour who have created amazing products and helped with innovations over time.  It would have been more difficult as there would have been some discrimination in what was once a male-dominated world.  Katerine Johnson worked with other black women in the segregated states in the USA. This BBC Link with Science in Focus mentions: “Johnson and other black women initially worked in a racially segregated computing unit in Hampton, Virginia, that was not officially dissolved until NACA became NASA in 1958”. She worked on many space missions in the 1960’s and some of her black women colleagues were known to be the unsung heroes of NASA’s space mission. They were featured in the film Hidden Figures, which explored their story and the double standards at the time. It is a lot easier to see women in STEM celebrated, but for women inventor to file patents – it was difficult, especially women of colour. Such as Ellen Elgin who created the laundry wringer for clothes.  Although you did not have to disclose ethnicity in 1800s in the USA for patents, Ellen sold her patent for $18.00 at the time and was known to have said: “You know I am black and if it was known that a Negro woman patented the invention, white ladies would not buy the wringer. I was afraid to be known because of my colour in having it introduced into the market, that is the only reason.” Thankfully, the world has improved since then, and women inventors in STEM are thriving in the right conditions that support them.

“We will always have STEM with us. Some things will drop out of the public eye and will go away, but there will always be science, engineering, and technology. And there will always, always be mathematics.”

Katerine Johnson
Katerine Johnson – Source:
Katherine Johnson Receives Presidential Medal of Freedom
Source: Nasa Langley

Hedy Lamarr – Wireless Communications

I didn’t know much about Hedy Lamarr until I started this blog post research.  She was not only a famous Hollywood star – she seemed to be interested in inventions. Hedy was born to a Jewish family in Austria but fled to the USA when the country was invaded.  During World War II, she wanted to help the Allied Forces fight the Nazi from bombing. She worked with George Antheil to develop a new way to steer torpedoes. She knew that radio-signals used to control torpedoes could be jammed by the Nazis, which will make them miss their targets, and she wanted to come up with unjammable alternative. They both came up with different radio frequencies known as frequency-hopping (FH) which means the system could switch between keys.  This has been attributed to the invention to WiFi and Bluetooth – which was patented in 1942 but was not classified until 1981 and only used for military technology. There is a more detail explanation on this New Scientist article here. I can remember the first time I heard about WiFi and broadband in the 2000s, and even then, I was amazed by it.  We all know that we need and use WiFi every day now in our lives.

Marie Curie – Radio and mobile X-Ray

Marie Curie was a great scientist but also an inventor in some of the discoveries she made in her time. Her breakthrough discoveries in new radiation therapy for cancer treatment and x-ray machine advanced science and medicine.  She was most famous for radioactivity, a term she coined herself.  My first understand of of her was when I saw the Marie Curie Cancer Charity raising funds and caring for family who have been affected by cancer – her daughter had given them permission to use her name as the charity want to perpetuate her scientific medical research.  I haven’t really stop to think about what she did in as much details as I have in the last couple of days.  There are some amazing photos of her in her laboratory as well as in her personal life.  There was also a great Google Doodle and page celebrating her contribution to medical and scientific research as well as her contribution to humanity and saving lives. The next time I see the charity collection funds in her name – I’ll remember her immense contribution to the world.

“You cannot hope to build a better world without improving the individuals. To that end each of us must work for his own improvement, and at the same time share a general responsibility for all humanity, our particular duty being to aid those to whom we think we can be most useful.”

Marie Curie

Further links to women inventors:

Beautylich – Black History Month https://www.beautylish.com/a/vzjmr/black-history-month-hair-industry-innovators-inventors

European Patent Office – https://www.epo.org/en/news-events/in-focus/women-inventors

Iderdrola – https://www.iberdrola.com/talent/women-inventors

Lemelson Center for Study of Invention and Innovation – https://invention.si.edu/diverse-voices-women-inventors

National Women’s History Museum – Inventive Women – https://www.womenshistory.org/exhibits/inventive-women

USA Today – 50 things you never knew women invented – https://eu.usatoday.com/picture-gallery/money/2019/03/12/50-things-you-never-knew-women-invented/39158945/

Wikipedia – https://en.wikipedia.org/wiki/List_of_women_innovators_and_inventors_by_country

WIPO – https://www.wipo.int/en/web/ip-advantage/women-innovators-stories