The Internet Archive has faced a serious cybersecurity crisis that has taken both its Archive.org and OpenLibrary.org platforms offline. The Internet Archive cyberattack, characterized by a data breach and distributed denial-of-service (DDoS) attacks, has raised concerns about the integrity and security of one of the largest digital libraries in existence.
The Internet Archive, a nonprofit organization dedicated to preserving the world’s knowledge, was targeted by a cyberattack that has resulted in a data breach involving the exposure of user credentials for approximately 31 million users. The data compromised includes email addresses and salted-encrypted passwords.
Overview of the Internet Archive Cyberattack
On October 9, the founder of the Internet Archive, Brewster Kahle, confirmed the cyberattack on X (previously Twitter), detailing that the organization had not only been hit by a data breach but had also experienced a DDoS attack and defacement of its website. In his tweet, he wrote, “DDOS attack—fended off for now; defacement of our website via JS library; breach of usernames/email/salted-encrypted passwords. What we’ve done: Disabled the JS library, scrubbing systems, upgrading security.”
The cyberattack on the Internet Archive can be categorized into two distinct incidents: the data breach and the DDoS attacks. Cybersecurity experts have noted that there is currently no evidence linking the two events. According to a report from Cyble, the DDoS attacks were initiated shortly after the data breach was made public, allegedly by a threat actor group named SN_BLACKMETA. This group expressed their motive for targeting the Internet Archive, claiming that “the archive belongs to the USA” and criticizing the organization for its perceived ties to political issues.
While the motivations behind these attacks are being debated, many observers have criticized the choice of target. The Internet Archive is known for its commitment to providing universal access to knowledge, containing over 57 petabytes of data, including more than 866 billion archived web pages. Cybersecurity researcher Kevin Beaumont pointed out on Mastodon that attacking such a vital resource serves no meaningful purpose, stating, “that isn’t sticking it to some evil multinational; it’s attacking a genuinely great resource run on near nothing.”
Security Questions Raised and Recovery Measures
The sequence of events has prompted many to question the security protocols in place at the Internet Archive. Commenters have expressed concern that a website of such magnitude should have been better equipped to protect against a breach of this nature. Critics have noted that, for example, hashed passwords should be effectively isolated from publicly accessible JavaScript. One user pointed out, “A website as large as archive.org should be able to isolate hashed passwords from public accessible Javascript,” referencing how platforms like Wikipedia manage similar functionalities.
This lack of adequate security measures has cast a shadow over the Archive’s reputation, despite its mission to preserve and provide access to a wealth of digital content. The attacks have not only disrupted services but have also forced the organization to reassess its security framework.
The Internet Archive has taken its platforms offline, with Kahle emphasizing the importance of prioritizing user data safety over immediate service availability. He reassured users that the data remains secure and that the team is working diligently to enhance security measures. Kahle stated, “The data is safe. Services are offline as we examine and strengthen them. Sorry, but needed. @internetarchive staff is working hard. Estimated Timeline: days, not weeks.”
Conclusion
The cyberattack on the Internet Archive is part of a troubling trend affecting libraries and information institutions around the globe. Recent incidents have seen various libraries, including the British Library and the Seattle Public Library, fall victim to similar attacks. These cyber incidents highlight the vulnerability of institutions that provide free access to information and the need for enhanced cybersecurity strategies in the digital age.
