A disgruntled former IT contractor is behind a recent security incident at the British Museum. Over the weekend of January 25 and 26, the museum had to partially close its doors due to disruptions in key IT systems.
This incident impacted two special exhibitions: one highlighting the Silk Road’s rich history and another featuring the works of Pablo Picasso. The museum’s ticketing platform faced critical issues as a result. A spokesperson confirmed, “The contractor, dismissed just a week prior, entered the museum and disabled several systems.” He was arrested by police on the scene. The museum had to close its exhibitions for the weekend, but they notified ticket holders and issued refunds.
After this disturbance, all exhibitions and facilities have since reopened. The Metropolitan Police stepped in on the evening of January 23, arresting a man in his 50s for burglary and criminal damage. He has been released on bail. Unlike other incidents, this cyber disruption didn’t involve hacking or malware, which likely reduces any lasting effects. The museum’s challenges stemmed primarily from unexpected downtime.
This event highlights the importance of addressing insider threats in cybersecurity. According to IBM’s 2024 report, malicious insider incidents can become expensive, with recovery costs averaging around $5 million, despite making up only 7% of all reported cyber incidents.
Organizations need to include insider threats in their cyber risk planning. These threats are hard to spot because insiders often behave like regular users, striking unexpectedly. This differs from ransomware attacks, where signs of an impending attack can sometimes be detected if proper monitoring measures are in place.
“Cyber security has to be dynamic and continually updated to address evolving threats,” said Spencer Starkey, EMEA vice-president at SonicWall. He stressed the need for a proactive approach that includes regular security checks, threat monitoring, and incident response strategies. Continuous employee training and awareness about current threats are crucial in maintaining robust cybersecurity. By staying agile in their security measures, companies can better manage risk and protect customer trust.