Hacked Once, Hacked Again: Internet Archive Becomes a Sitting Duck for Cyberattacks

October 24, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

The Internet Archive, a digital repository with the noble mission of providing “universal access to all knowledge,” is facing an unprecedented challenge.

In the span of just weeks, the nonprofit organization, which has cataloged and preserved web pages and online content for nearly three decades, has been struck by multiple cyberattacks, exposing vulnerabilities and raising alarms about the future of one of the internet’s most essential resources.

A Digital Lifeline Under Siege

It all started on October 9, when the Internet Archive confirmed a massive breach, resulting in the leak of data from approximately 31 million user accounts. Brewster Kahle, the project’s founder, took to social media platform X (formerly Twitter) to confirm the attack. The hackers exposed email addresses and encrypted passwords, rattling the Archive’s global community of users who rely on the service for everything from academic research to preserving old websites.

The cyberattack wasn’t just a one-time hit. This breach came just months after a distributed denial-of-service (DDoS) attack in May that caused intermittent outages across the Archive’s services. “It was the first time the site had been targeted like this,” Kahle explained in an interview with The Washington Post, emphasizing the gravity of the situation.

For the first time in its history, the Internet Archive—home to the iconic Wayback Machine—was taken offline, leaving users without access to decades’ worth of digital content. Though the organization was back online a few days later in a read-only state, the damage had already been done.

Hacked Once, Hacked Again

Barely two weeks after the initial breach, the Internet Archive suffered another devastating cyberattack on October 20. This time, hackers exploited Zendesk API tokens that hadn’t been properly rotated, gaining access to thousands of support tickets dating back to 2018. The breach compromised personal identification documents, raising questions about the organization’s security protocols.

The attack went beyond the theft of data. The hacker, still anonymous, used the compromised Zendesk platform to send taunting messages to users and media outlets, claiming continued access to the Archive’s support system. In emails sent to organizations like Recorded Future News, the hacker expressed frustration at the Archive’s failure to address the breach properly: “Even after being made aware of the breach 2 weeks ago, they have still not done the due diligence of rotating many of the API keys.”

The defacement of the Archive’s JavaScript, the leaking of 31 million user accounts, and the second breach through Zendesk are all signs of a broader issue—an organization, dedicated to preserving the internet’s history, suddenly becoming a target of relentless cyber warfare.

The Cyber Vigilantes and Their Motives

Interestingly, the attackers haven’t made any ransom demands. Instead, it appears the motivations are reputational, driven by the desire for recognition within hacker circles. While the group SN-Blackmeta claimed responsibility for the DDoS attacks, the identity of the hacker behind the data breach remains unknown.

This suggests a new form of cyberattacker—one more interested in showing their prowess than seeking financial gain. However, that doesn’t lessen the risks for the users whose personal information was compromised. Experts warn that the stolen data could easily be used for phishing attacks or identity theft.

The Road to Recovery

Despite the recent breaches, Kahle assures users that the Archive’s vast digital repository remains safe, even as its services struggle to fully recover. But the question remains—how can the Internet Archive protect itself moving forward?

As the keeper of the Wayback Machine and millions of digital files, the Internet Archive’s vulnerabilities have become a wake-up call. It’s not just a question of keeping the service online; it’s about safeguarding a digital treasure that holds historical significance.

Security experts suggest that the Archive, like any other organization of its scale, needs to implement regular security audits, adopt secure coding practices, and respond to vulnerabilities immediately. Given its shoestring budget, however, some wonder whether the nonprofit has the resources to do so effectively.

What’s Next for the Internet Archive?

The series of attacks has raised broader concerns about the safety of critical digital infrastructure. The Internet Archive isn’t just a platform; it’s a vital repository of human knowledge and history. Losing access to it, even temporarily, serves as a reminder of how fragile our digital world can be in the face of rising cyber threats.

In the aftermath of these events, the Internet Archive must now balance the pressure to enhance its cybersecurity measures with its mission to provide free, unrestricted access to knowledge. It’s a daunting task for an organization built on ideals of openness, especially in a world increasingly defined by the threat of cyberattacks.