DIGITAL SECURITY IN LIBRARIES. CHALLENGES, THREATS, AND DATA PROTECTION IN THE DIGITAL AGE
GRZEGORZ GMITEREK
https://orcid.org/0000-0002-5692-1824
Afiliacja: Faculty of Journalism, Information and Book Studies; University of Warsaw, Polska
Abstrakt
Purpose of the article – Analysis of selected challenges and threats related to cybersecurity in Polish and international libraries and proposals for solutions to enhance data and user protection. Research methods – The research utilized the analysis and critique of scientific literature and source materials available online, including recent publications, reports, press articles, and industry sources. Artificial intelligence tools such as Scopus AI, SciSpace, Scite, Primo AI Search Assistant and the Perplexity search engine were also used to obtain current data on cyberattack incidents. Key findings – Due to digitization and access to a variety of IT tools, libraries are becoming increasingly vulnerable to cyberattacks. These attacks can lead to data loss, violations of user privacy, service disruptions, and financial and reputational damage. Conclusions – Cybersecurity in libraries requires a comprehensive approach encompassing technologies, procedures, and education. Only such comprehensive measures will minimize threats, protect user data, and ensure the continued operation of libraries in the digital era.
Bibliografia
Akademia NASK (n.d.). “Cyberlekcje. Phishing”. Retrieved August 12, 2025, from https://tinyurl.com/2ux578ds.
Antoń-Jucha, A. (2019, February 28). “Atak hakerski na bibliotekę. Ktoś mógł uzyskać dostęp do danych osobowych”. Retrieved August 12, 2025, from użytkowni-kówhttps://www.dziennikwschodni.pl/krasnik/atak-hakerski-na-biblioteke-ktos-mogl-uzyskac-do-danych-osobowych-uzytkownikow,n,1000238133.html.
“Atak hakerów na serwery UWM. Kłopoty ze stroną Biblioteki Uniwersyteckiej” (2016, January 21). Retrieved August 12, 2025, from https://student.wm.pl/330054,Atak-hakerow-na-serwery-UWM-Klopoty-ze-strona-Biblioteki-Uniwersyteckiej.html.
Bains, H. (2024, December 3). “MR23-00112: Toronto Public Library Closing Letter”. Retrieved August 12, 2025 from https://tinyurl.com/3hmkftdz.
Baza Wiedzy. Serwis Rzeczypospolitej Polskiej. (2022, October 24). “Ransomwa-re – jedno z najpoważniejszych zagrożeń w cyberprzestrzeni”. Retrieved August 12, 2025 from https://www.gov.pl/web/baza-wiedzy/ransomware--jedno-z-najpowazniejszych-zagrozen-w-cyberprzestrzeni.
Breeding, M. (2024). “Libraries Under Cyberattack”. Computers in Libraries, vol. 44 No. 2 — March 2024. Retrieved August 12, 2025 from https://www.infotoday.com/cilmag/mar24/Breeding--Libraries-Under-Cyberattack.shtml.
British Library. (2024, March 8). “Learning lessons from the cyber-attack. British Library cyber incident review”. Retrieved August 12, 2025 from https://cdn.sanity.io/files/v5dwkion/production/99206a2d1e9f07b35712b78f7d75fbb09560c08d.pdf.
Canadian Centre for Cyber Security. (2024). “National Cyber Threat Assessment 2025-2026”. Retrieved August 12, 2025 from https://www.cyber.gc.ca/sites/default/files/national-cyber-threat-assessment-2025-2026-e.pdf.
Castellanos-Rivadeneira, J; Valerio-Ureña, G. (2020). “The Hacker Ethic and the Effective Use of ICTs in Alternative Economic Cultures: the case of Ik’ ta K’op in Abasolo, Chiapas”. Development Studies Research, 7, 1, pp. 131-140, https://doi.org/10.1080/21665095.2020.1816838.
Centralna Biblioteka Wojskowa. (2019, January 4). “Ostrzeżenie dla użytkowni-ków Centralnej Biblioteki Wojskowej dotyczące wiadomości phishingowej. Ostrzeżenie przekazane przez zespół MIL-CERT”. Retrieved August 12, 2025, from https://archiwum-cbw.wp.mil.pl/pl/1_311.html.
Chmielewski, P. D. (2023). Obszary i potencjał zastosowania technologii blockchain w polskich bibliotekach akademickich. Doctoral dissertation. Uniwersytet Miko-łaja Kopernika w Toruniu. Wydział Filozofii i Nauk Społecznych. Instytut Badań Informacji i Komunikacji.
Corrado, E. M. (2024). “Cybersecurity and Libraries”. Technical Services Quarterly, 41(1), 82–95. https://doi.org/10.1080/07317131.2023.2300530.
Czub-Kiełczewska, S., Wojciechowski, Ł. (Eds). (2020). Poradnik RODO dla biblio-tek. Wydawnictwo Naukowe i Edukacyjne Stowarzyszenia Bibliotekarzy Polskich.
Enis, M. (2024, January 17). “Toronto Public Library Recovers from Ransom-ware Attack”. Retrieved August 12, 2025, from https://www.libraryjournal.com/story/toronto-public-library-recovers-from-ransomware-attack.
Facebook Fanpage. Biblioteka Rudy. (2025, 9 July). Retrieved August 12, 2025, https://www.facebook.com/profile.php?id=61578147062312.
Fiscus, M. (2024). “Knowledge Held Hostage: What the British Library Ransom-ware Attack Can Teach Us”. College & Research Libraries, 85(5), 628. doi:https://doi.org/10.5860/crl.85.5.628.
Ghazal, T. M., Hasan, M. K., Zitar, R. A., Al-Dmour, N. A., Al-Sit, W. T., & Islam, S. (2022). “Cybers Security Analysis and Measurement Tools Using Machine Learning Approach”. 2022 1st International Conference on AI in Cybersecurity, ICAIC 2022. https://doi.org/10.1109/ICAIC53980.2022.9897045.
“Haker zablokował stronę biblioteki UWM” (2016, January 25). Retrieved Au-gust 12, 2025, from https://radioolsztyn.pl/haker-zablokowal-strone-biblioteki-uwm/01258151.
Houghton, F., Winterburn, M., & Oakley, K. (2025). “The 2023 Rhysida Ransom-ware Attack on the British Library: Prioritisation, Expertise, and Funding Is-sues”. Information Technology and Libraries, 44(1). https://doi.org/10.5860/ital.v44i1.17112.
Humayun, M., Niazi, M., Jhanjhi, N., Alshayeb, M., & Mahmood, S. (2020). “Cyber Security Threats and Vulnerabilities: A Systematic Mapping Study”. Arabian Journal for Science and Engineering, 45, 3171–3189. https://doi.org/10.1007/s13369-019-04319-2.
Information Commissioner’s Office. (2025, April 2025). Statement on British Li-brary’s 2023 ransomware attack. Retrieved August 12, 2025, from https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2025/04/statement-on-british-library-s-2023-ransomware-attack/.
Işık, Ö. (2024, September 30). “Full transparency: 10 lessons from the cyber-attack on the British Library”. Retrieved August 12, 2025, from https://www.imd.org/ibyimd/technology/full-transparency-10-lessons-from-the-cyber-attack-on-the-british-library/.
Janczewski, R. (2022). “Cyberbezpieczeństwo w życiu społecznym”. In: W M. Butrymowicz, J. Stala (Eds), W służbie społeczeństwu. Polska w obronie praw człowieka na świecie i w kraju (pp. 139-158). Uniwersytet Papieski Jana Pawła II w Krakowie. Wydawnictwo Naukowe.
Jaśkowiak, J. (2025). “Cyberzagrożenia w Polsce 2025: Najczęściej atakowana infrastruktura krytyczna”. Retrieved August 12, 2025, from https://mikrokontroler.pl/2025/04/25/cyberzagrozenia-w-polsce-2025-najczesciej-atakowana-infrastruktura-krytyczna/.
Kavak, A. (2024). “Ethical considerations and privacy concerns in AI-enabled libraries”. In: I. M. Khamis (Ed.), Applications of Artificial Intelligence in Libraries (pp. 45–76). https://doi.org/10.4018/979-8-3693-1573-6.ch003.
Lipińska, Z. (n.d.). “RODO w bibliotece – na co jeszcze należy zwrócić uwagę?” Retrieved August 12, 2025, from https://www.biblioteki.gropius.com.pl/blog/rodo-w-bibliotece-na-co-jeszcze-nalezy-zwrocic-uwage.html.
Łukasiewicz, A. (2024, January 11). “Uniwersytet Zielonogórski o ataku hake-rów: ‘Nie ma dowodów na wyciek danych.’” Retrieved August 12, 2025, from https://zielonagora.wyborcza.pl/zielonagora/7,35182,30584000,uniwersytet-zielonogorski-o-ataku-hakerow-nie-ma-dowodow-na.html.
Mafera, J. (2024, August 31). “Black Basta Cybersecurity Advisory: Endpoint Protection for Healthcare”. Retrieved August 12, 2025, from https://www.cyberdefensemagazine.com/black-basta-cybersecurity-advisory-endpoint-protection-for-healthcare/.
Maj, M. (2024, January 10). “[Aktualizacja] Uniwersytet Zielonogórski ofiarą ataku ransomware”. Retrieved August 12, 2025, from https://niebezpiecznik.pl/post/uniwersytet-zielonogorski-ofiara-ataku-doszlo-do-zaszyfrowania-danych/.
Mayard, S. (2024, November 7). “The British Library Cyber Attack – One Year Later”. Retrieved August 12, 2025, from https://thegdprcomplianceconsultancy.co.uk/british-library-cyber-attack-one-year-later/.
Michałowska, M., & Hassa, E. (2022). “Cyberbezpieczeństwo a zarządzanie toż-samością w czasie pandemii – analiza przykładów zagrożeń”. Studia Admini-stracji i Bezpieczeństwa, 12(12), 99-118. https://doi.org/10.5604/01.3001.0015.9238.
Miejska Biblioteka Publiczna w Kraśniku (2019, March 28). “Aktualności”. Re-trieved August 12, 2025, from https://biblioteka.krasnik.pl/index.php/aktualnosci-gora?start=210.
Nurochman, A., Astuti, E. Y., & Widianingtias, S. (2024). “Analisis Keamanan Siber Sistem Informasi Perpustakaan di Perpustakaan Universitas Jenderal Soedirman”. BACA: Jurnal Dokumentasi Dan Informasi, 45(1), 49–64. https://doi.org/10.55981/baca.2024.1237
Oladokun, B., Oloniruha, E., Mazah, D., & Okechukwu , O. (2024). “Cybersecuri-ty Risks: A Sine Qua Non for University Libraries in Africa”. Southern African Journal of Security, 2. https://doi.org/10.25159/3005-4222/15320.
Panda, S. & Kaur, N. (2024). “Cyber Sentinels: Exploring the Cybersecurity Awa-reness of Indian Library Professionals”. In: I. Khamis (Ed.), Applications of Ar-tificial Intelligence in Libraries (pp. 78-108). IGI Global Scientific Publishing. https://doi.org/10.4018/979-8-3693-1573-6.ch004.
Pohoska, K. (2025, March 3). “Cyberprzestępczość – prognozy na 2025 rok”, Sto-łeczny Magazyn Policyjny. Retrieved August 12, 2025, from https://magazyn-ksp.policja.gov.pl/mag/technologie/137761,Cyberprzestepczosc-prognozy-na-2025-rok.html.
Poniatowska-Jaksch, M. (2024). “Ransomware w sektorze ochrony zdrowia – przyczyny, konsekwencje”. Kwartalnik Nauk O Przedsiębiorstwie, 74(4), 5–16. https://doi.org/10.33119/KNoP.2024.74.4.1
Putri, C. A., Anwar, R. K. , Amar, S. C. D. , & Rukmana, E. N. (2024). “Keamanan Informasi dan Privasi Pengguna dalam Layanan Perpustakaan Digital”. Me-dia Pustakawan, 31(3), 266–276. https://doi.org/10.37014/medpus.v31i3.5317.
Rahim, M. A. A. A., Mohamad, A. M., Kamaruddin, S. & Wan Rosli, W. R. (2024). “Data Leaks Through Public Digital Document Libraries: A Growing Concern in Relation to Personal Data Protection and Cyber Security Regulations”, 2024 7th International Conference on Internet Applications, Protocols, and Services (NETAPPS), Kuala Lumpur, Malaysia, 2024. https://doi:10.1109/NETAPPS63333.2024.10823567.
Saha, R. (2024). “Data Privacy and Cyber Security in Digital Library Perspective: Safe Guarding User Information”. International Journal of Scientific Research in Engineering & Management, April 2024. https://doi:10.55041/IJSREM30761.
Schwartz, N. (2023, August 4). “Over half of higher ed. institutions hit by ran-somware paid to get data back, survey finds”. Retrieved August 12, 2025, from
https://www.highereddive.com/news/higher-education-ransomware-paid-ransom-college/689929/.
SecurityBsides. (2025). “Ataki hakerskie w Polsce 2025 – przegląd zagrożeń i prognozy”. Retrieved August 12, 2025, from https://securitybsides.pl/ataki-hakerskie-w-polsce-2025/.
Uniwersytet Zielonogórski. Centrum Komputerowe. (2024, January 7). “Aktual-ności. Uniwersytet Zielonogórski zaatakowany!” Retrieved August 12, 2025, https://ck.uz.zgora.pl/aktualnosci/uniwersytet-zielonogorski-zaatakowany-15.html.
Wasilewski, J. (2013). “Zarys definicyjny cyberprzestrzeni”. Przegląd Bezpieczeń-stwa Wewnętrznego, 5(9), 225–234.
Wyganowski, A. (2024). “Cyber risks, AI, impacts lessons learned from recent attacks”. Retrieved August 12, 2025, from https://www.dri.ca/docs/2A-Cyber_Risks_AI_Impacts_and_Lessons_Learned_April_11_2024.pdf.
https://orcid.org/0000-0002-5692-1824
Afiliacja: Faculty of Journalism, Information and Book Studies; University of Warsaw, Polska
Biogram:
Dr hab. Grzegorz Gmiterek is an Associate Professor at the Faculty of Journalism, Information and Book Studies of the University of Warsaw. His research interests focus on issues related to the use of new technologies in cultural and scientific institutions (especially Web 2.0 tools and services as well as mobile devices and applications). Scholar Of the Historical and Literary Society in Paris in Dr. Maria Zdziarska-Zaleska’s name. Participant of the US Department of State’s International Visitor Leadership Program “Library & Information Science”. Author of several dozen of scientific publications, including the following books: Library in social network. Library 2.0 (Warsaw 2011), for which he was granted the Scientific Award of SBP in the name of Adam Łysakowski and the CLIO Award Of the Faculty of History of the University of Warsaw, co-author of the book Mobile applications in libraries and beyond published in 2017 (distinction of the Rector of the Warsaw Technical University for the publication academic studies in the field of technical sciences and sciences during the Academic and Scientific Book Fair in the ACADEMIA contest) and the author of the book Mobile applications in information systems. Theory and practice (Warsaw 2020), for which he received the 2020 Science Award of SBP in the name of Adam Łysakowski (category: Works of theoretical, methodological, source character).
Autor składa oświadczenie o oryginalności przesłanego tekstu, a w umowie wydawniczej przenosi na rzecz Wydawcy nieodpłatnie majątkowe prawa autorskie w zakresie jednorazowego opublikowania dzieła.
CC BY-NC-ND 4.0 Uznanie autorstwa - Użycie niekomercyjne - Bez utworów zależnych 4.0 Międzynarodowe
