British Library's candid ransomware comms driven by 'emotional intelligence'

Emotional intelligence was at the heart of the British Library's widely hailed response to its October ransomware attack, according to CEO Roly Keating. The British Library's (BL) ransomware attack last year was one of the most damaging in recent memory, at least in the UK. The transparency of the organization's response over …

  1. Will Godfrey Silver badge

    No panic, no finger pointing, just heads down and barrel through the problem.

    1. Pascal Monett Silver badge

      Re: Impressive

      Totally agreed.

      I wonder what kind of sad idiot downvoted you.

      1. Ian 55

        Re: Impressive

        It wasn't me, but I'd bet they are a BL user.

        Yes, the BL has done well in not paying and the status updates have improved and I'm sure it's been horrible for them too..

        .. BUT..

        .. it's now over six months since this, and unless something's changed in the past few days, you still can't order material to be ready for when you go to a reading room online or by email or by any other way than going to where the material isn't and asking for it to be there in several days' time.

        A day trip to London costs me about forty quid. That made sense if I knew the stuff I need would be ready in the reading room of my choice when I turned up. It doesn't if I have to go there just to ask for it to be there the next time I visit.

        1. Paul Crawford Silver badge

          Re: Impressive

          From the linked article it is apparent that they can't simply restore most of this - it depended on legacy hardware/software and with that all trashed they are basically having to start anew to create a system to do what has to be done, but hopefully in a far more secure manner.

          That article also pointed out some of the reasons for this sorry state, that they were legally obliged to do certain things but without added funding, so it had to come out of budgets that ought to have been covering the refresh of core systems.

          TL;DR - same as many others - too little done until too late

  2. sitta_europea Silver badge


  3. Ian 55

    "What was affected was the quality of service we could give"

    Otherwise known as 'if what you needed wasn't on a shelf in the reading room you were actually in, you very probably couldn't get it'.

    That moved to "if it wasn't somewhere in the building, you very probably couldn't get it".

    I think we're still at the stage where you can now actually ask for offsite material - and an awful lot of the BL's holdings are kept offsite - but only if you schlep over to where you will want it in several days' time, because you can't request materials any other way.

    That's fine if you live in London (or indeed Boston Spa), less fine if you live outside.

  4. Bitsminer Silver badge

    Reading the report...

    ...available at From the executive summary:

    Our major software systems cannot be brought back ... because they are no longer supported by the vendor or because they will not function on the new secure infrastructure.


    Our cloud-based systems, including finance and payroll, have functioned normally throughout the incident.


    Implementation [of updates and changes] will require significant changes to our applications, our culture and ways of working, and our policies and processes.


    The challenge of rebuilding our technology infrastructure in full also brings risks of capacity and capability within our Technology department...

    The cost to fix the damaged and destroyed systems far exceeds any cost to have replaced and defended them in the first place.

    So many lessons to learn, so few organizations learning them...

    1. heyrick Silver badge

      Re: Reading the report...

      As usual, cutbacks, cutbacks, cutbacks, and more cutbacks.

      It's hard to justify spending money on "what if" when there are dozens of "need it now" things that need funding. It's not great, and things like this can be the result, but it's the reality of the situation.

      1. Anonymous Coward

        Re: Reading the report...

        "As usual, cutbacks, cutbacks, cutbacks, and more cutbacks...It's hard to justify spending money on "what if" when there are dozens of "need it now" things that need funding. It's not great, and things like this can be the result, but it's the reality of the situation."

        Perhaps so, but at the start of the year in which the attack occurred, the British Library were sitting on cash and investments of £60m. Not to mention "unrestricted funds" showing in their accounts for over a billion quid. Unlike most of the contributors to this thread, I don't think the BL deserve any credit - they not only allowed it to happen, they failed to recognise that their reliance on obsolete systems meant that data would be irretrievably lost. Emotional communication after the event means nothing.

        1. dkas

          Re: Reading the report...

          While I agree that proactive management of obsolete systems and practices should have been done, and - probably - could have prevented this disaster, I completely disagree with your statement about the irrelevance of communication. For ANY security breach, esp. concerning public organisations and corporations, the transparent handling of this attack by the BL should be hailed as the absolute gold standard. And that is not only for feel-good, nice-reading-bro grounds: nothing is more ruthless in enforcing better systems and practices than a transparent, public look at the problems that exist.

          That is a security practice in and of itself.

    2. Anonymous Coward

      Re: Reading the report...

      > Our major software systems cannot be brought back .. because they will not function on the new secure infrastructure.

      Time was when getting two dissimilar systems and protocols talking to each other was elementary.

      1. doublelayer Silver badge

        Re: Reading the report...

        When was that time? In my experience, the challenges were different, but they still had them. Back before there were software limitations like all the different layers of firewalls, there were hardware ones instead. I'm unaware of any time where shifting a large subset of a larger project to something new was child's play unless it had been designed with that in mind, and in my experience custom-built systems for a company or organization were rarely designed that way because building them for the infrastructure they had now was cheaper.

      2. hayzoos

        Re: Reading the report...

        The first thing that came to mind was "this application must be installed and executed with full admin rights" so frequently found in instructions and FAQs. Plenty of other examples of "turn off security and it will work" exist.

        A secure by design system is completely incompatible with an insecure by design system.

      3. Stoneshop

        Re: Reading the report...

        I've worked on DEC systems sitting in computer rooms brimming with IBM, that had been brought in to get one IBM system to communicate with another IBM system.

        So elementary, in a way, yes, but it couldn't always be done without additional hardware.

  5. rosbiff

    Maybe BL will look back on this (in time) and think that the ransomers did them a favour. How many of us get to start again from fresh?

  6. Reaps


    They need more whale songs and joss sticks.

    What utter bollocks, almost as bad as "conscious uncoupling" bollocks from Gwyneth Paltrow and co.
