PhD students have described “stumbling through” their research after losing access to the UK’s national database of doctoral theses, as disruption to the British Library’s digital archive following a devastating cyberattack enters its third month.
The UK’s national library has warned that some services could remain offline for “several months” after the attack by the Rhysida ransomware group – a Russia-linked unit also allegedly responsible for attacks on government institutions in Chile, Kuwait and Portugal – in late October.
Concern among many researchers focuses on the loss of the EThOS archive of 600,000 doctoral dissertations. About half of this site’s users are postgraduates.
Khadijah Na’eem, a PhD student at Royal Holloway, University of London, told Times Higher Education that the loss of “unlimited access” to the British Library’s digital archives had caused her significant difficulties.
“I am stumbling through my research without access to all of that beautiful knowledge, especially EThOS,” she said, adding that she “hoped that the British Library manage to work their way through this nasty attack soon”.
Before the creation of EThOS in 2009, researchers who wanted to access PhD dissertations from other institutional repositories had to apply to the British Thesis Service, and copies of a thesis would be sent to the library’s Boston Spa collection in West Yorkshire.
Academic librarians have also expressed hope that the service will be restored soon. With EThOS now regarded as one of the UK’s great open access resources, its loss would be “a harsh blow to research communities both in the UK and globally”, said Caroline Ball, academic librarian (business, law and social sciences) at the University of Derby.
“EThOS is the only free, open access, large-scale, aggregated source of UK dissertations available to researchers,” explained Ms Ball. “There are institutional repositories and subscription databases, but nothing else that does both for UK theses and researchers.”
EThOS is “also often the only place to find details of many pre-digital era, print-only theses – many of which are in fact digitised on behalf of universities by the British Library as a result of requests via EThOS,” added Ms Ball. “While much of the research itself is archived and duplicated elsewhere, there is no comparable source to bring together, promote and highlight open access to the crucial and innovative PhD research taking place within UK higher education institutions.”
Scott Shapiro, director of the Yale CyberSecurity Lab, said the British Library attack showed that hackers target not just “high-value stuff like passport information” but also data with low financial value but high strategic or reputational importance for governments. Customer data including passport scans is understood to have been offered for sale on the dark web.
“Ransomware is a hostage-taking situation,” explained Professor Shapiro. “The best situation from [the point of view of] a hostage taker is not to care about the information but for the victim to care a lot about it. The UK government obviously cares about its library holding – and it’s embarrassing to them, and they have deep pockets. Add that up and it’s a good play, although the UK intelligence services will be after this group, so it’s risky.”
jack.grove