Cyber Attack on Internet Archives: A Major Breach and DDoS Assault

    Ransomware Attack

    In recent weeks, the Internet Archives, a prominent American non-profit digital library, has been under siege from persistent Distributed Denial of Service (DDoS) attacks. On October 9, 2024, the situation escalated dramatically when the organization experienced a significant cyber attack that resulted in the breach of approximately 31 million user accounts, leading to a troubling website defacement.

    Visitors to the Internet Archives began encountering alarming messages on Wednesday afternoon, indicating that the site was the target of a cyber assault. Users were informed that their account details, including sensitive information, had been compromised and could be verified on the “Have I Been Pwned” portal—a service that alerts individuals if their data has been involved in a security breach.

    This cyber attack was notably sophisticated; hackers employed a pop-up notification system that displayed alerts to anyone attempting to access the website during the chaotic hours following the breach. Brewster Kahle, the founder of the Internet Archives, acknowledged the severity of the incident, assuring the public that more information would be shared with the media upon completion of an ongoing investigation.

    Initial reports suggest that the attackers were able to extract a vast amount of data from the compromised accounts. This information included email addresses, usernames, timestamps indicating when passwords were last changed, and Bcrypt hashed passwords—a cryptographic technique often used to secure password storage. The scale of the breach has raised serious concerns about the safety and privacy of user information stored within the Internet Archives.

    A DDoS attack is characterized by an overwhelming influx of fake internet traffic directed at a server, often originating from a network of compromised devices known as botnets. Such attacks are designed to disrupt normal operations, rendering websites inaccessible to legitimate users.

    Interestingly, this cyber incident occurred shortly after the Internet Archives faced a significant legal setback regarding copyright issues. In a contentious legal battle, the organization was forced to remove over 500,000 books from its digital collection, significantly limiting its capacity for digital lending. This decision came in response to lawsuits from several publishers who challenged the Archives’ approach to copyright and ownership of historical works. As a result, the substantial investment made in their scanning technology, dubbed ‘Scribe,’ now appears largely undermined. The San Francisco-based National Emergency Library, launched in 2020 during the COVID-19 pandemic to provide access to digital resources, found itself embroiled in these legal disputes, questioning the very foundation of its mission to preserve and disseminate knowledge.

    As the Internet Archives navigates the fallout from this breach, the implications for digital preservation and access to information remain profound. The organization’s commitment to archiving the internet and its myriad resources is now challenged by the dual threats of cyber attacks and legal restrictions, raising important questions about the future of digital libraries in an increasingly contentious landscape.

    A pro-Palestinian hacking group named SN_BlackMeta has made the claim that it disrupted the servers of Internet Archives as it is an American organization and is supporting Israel in its war with Iran.

    As a result the incident response team was put to action and the website of Internet Archives is now available as “Read-only” service.

    On October 20,2024, speculations are rife that the said organization experienced a third cyber attack at the end of last week. However, there is no confirmation from the org, yet!

    Ad
    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display