British Library: National Museum of the Royal Navy hit by cyber attack

National Museum of the Royal Navy Hit by Ransomware Attack

The National Museum of the Royal Navy confirmed it fell victim to a ransomware attack on Monday, 9 December, disrupting services across its network of sites. While the museum’s locations including Portsmouth Historic Dockyard, the Fleet Air Arm Museum, and HMS Caroline in Belfast remain open, the incident has significantly impacted operations. The institution is working with its IT provider, law enforcement, the Royal Navy, and the National Cyber Security Centre (NCSC) to assess the attack’s origin and mitigate its effects.

The breach follows a string of high-profile cyberattacks on cultural institutions, including last year’s Rhysida ransomware attack on the British Library, which resulted in £1.6 million in losses and forced a complete infrastructure overhaul. Museums and libraries globally have faced heightened threats, with similar incidents reported in Canada and the U.S.

In response to growing cyber risks, the UK government has signaled a "tech focus" in its upcoming spending review to bolster defenses for vulnerable organizations. Culture Secretary Lisa Nandy emphasized cross-government efforts to strengthen protections against such attacks. The NCSC continues to provide guidance on cybersecurity best practices.

Source: https://www.museumsassociation.org/museums-journal/news/2024/12/national-museum-of-the-royal-navy-hit-by-cyber-attack/

The British Library cybersecurity rating report: https://www.rankiteo.com/company/the-british-library

"id": "THE1774744288",
"linkid": "the-british-library",
"type": "Ransomware",
"date": "12/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'cultural/heritage',
                        'location': 'United Kingdom',
                        'name': 'National Museum of the Royal Navy',
                        'type': 'museum'},
                       {'industry': 'cultural/heritage',
                        'location': 'Portsmouth, UK',
                        'name': 'Portsmouth Historic Dockyard',
                        'type': 'museum site'},
                       {'industry': 'cultural/heritage',
                        'location': 'UK',
                        'name': 'Fleet Air Arm Museum',
                        'type': 'museum site'},
                       {'industry': 'cultural/heritage',
                        'location': 'Belfast, UK',
                        'name': 'HMS Caroline',
                        'type': 'museum site'}],
 'date_detected': '2024-12-09',
 'date_publicly_disclosed': '2024-12-09',
 'description': 'The National Museum of the Royal Navy confirmed it fell '
                'victim to a ransomware attack on Monday, 9 December, '
                'disrupting services across its network of sites. While the '
                'museum’s locations including Portsmouth Historic Dockyard, '
                'the Fleet Air Arm Museum, and HMS Caroline in Belfast remain '
                'open, the incident has significantly impacted operations.',
 'impact': {'operational_impact': 'significant disruption to operations',
            'systems_affected': 'network of sites, IT operations'},
 'investigation_status': 'Ongoing',
 'ransomware': {'data_encryption': 'Yes'},
 'references': [{'source': 'Cyber incident report'}],
 'response': {'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes',
              'third_party_assistance': 'IT provider, National Cyber Security '
                                        'Centre (NCSC)'},
 'stakeholder_advisories': 'Royal Navy, NCSC, law enforcement',
 'title': 'National Museum of the Royal Navy Ransomware Attack',
 'type': 'ransomware'}