Cyberattack strikes museum world through commonly used software

According to The New York Times hackers targeted software that many museums use to show their collections online and to manage sensitive information.

A cyberattack on Gallery Systems, a technological service provider for hundreds of cultural organizations, has prevented several prominent museums from displaying their collections online. Institutions such as the Museum of Fine Arts Boston, the Rubin Museum of Art in New York, and the Crystal Bridges Museum of American Art in Arkansas have confirmed system outages in recent days.

Gallery Systems noticed the issue on December 28 when computers running its software became encrypted and unresponsive. The company took immediate steps to isolate the affected systems and prevent further damage, including taking systems offline. An investigation has been launched with the assistance of third-party cybersecurity experts and law enforcement has been notified.

The cyberattack has caused disruptions on several museum websites as eMuseum, a tool for online collection searches, is currently down. Internal disruptions have also been reported, with curators unable to access sensitive information from the TMS program, another Gallery Systems tool.

Cyberattacks against cultural groups are becoming increasingly common, often carried out by ransomware groups that hold online services hostage until a ransom is paid. The nature of the attack on Gallery Systems is currently unclear.

Some museums, such as the Metropolitan Museum of Art and the Whitney Museum of American Art, were unaffected as they host their own databases. The Museum of Fine Arts, Boston confirmed that while its digital collection page was down, its internal data was not compromised.

The full extent and impact of the cyberattack are yet to be determined. The loss of information about museum artifacts, often the result of generations of curatorial research and documentation, would be a significant blow to global knowledge.