Archives Security in the Cyberage

SAA Security Section member Jim Havron pointed us to two recent articles about a facet of security that we don’t often think about, but could have massive implications for archives and special collections libraries – cybersecurity.

The first, from Security Week, notes that simply running out-of-date software puts a wide variety of firms, including archives and similar cultural heritage institutions, at risk of a data breach. And many of us, upwards of 50% according to the article, are running software that is not up-to-date. A simple fix of updating software is a great first step in securing your electronic assets.

Havron noted in his correspondence that more and more “non-computer” technologies are integrated into the internet of things and one must be aware of the fact that the unpatched software of fire alarms, electronic locks, and other security technology could render those items vulnerable to an attack. As he asked rhetorically, “does your institution have controlled access or fire alarms as part of its security?”

A second article, from info security, mentions the threat of ransomware attacks sent through e-mail. As Havron noted is his correspondence, “It isn’t just for ‘digital archivists’ or ‘electronic records’ anymore. Access points on the first Wannacry attack [the massive ransomware attack in May 2017 that infected over 230,000 computers] included security cameras, refrigerators, baby monitors, and thermostats. If you have any of these things (e.g. environmental controls), there is risk.”

When thinking about security at your institution, it isn’t only about keeping thieves from pilfering dog tags or returning old manuscripts to their rightful owner, it is also about protecting all of your electronic assets from the wide array of cyber threats that exist. If you have any specific questions for Jim Havron about cyber security in archives and cultural heritage institutions, feel free to e-mail him:


Historian Caught Stealing Dog Tags from National Archives

Historian Antonin DeHays was charged in Federal court this week with stealing dog tags of deceased WWII veterans from the National Archives at College Park, Maryland. He sold many of the dog tags on eBay. He even passed off a stolen dog tag that belonged to a Tuskegee Airman as being from his personal collection and donated it to the Military Aviation Museum in exchange for a chance to sit in the cockpit of a Spitfire airplane.

Two weeks after DeHays visited the National Archives at College Park on May 12 this year, staff discovered that dozens of dog tags were missing from the box DeHays had looked at for nearly a half-hour earlier in the month. On June 9, investigators executed a search warrant at his home and found six dog tags along with other documents that belonged to the National Archives.

If convicted, DeHays faces up to ten years in prison for his crimes.

You can find the official U.S. Department of Justice press release about this case here and you can read more about this story from the Washington Post. For more about the NARA Archival Recovery Program, follow their Facebook page.

Crimes Against Cultural Heritage Objects in the News

Recently, there have been three stories in the news that are of interest to those in the world of archives, libraries, museums, and related cultural institutions. They all touch on different aspects of security related to objects of enduring cultural value. All of these stories have appeared on the artnet news website ( in the past week.

The first topic is the loss of cultural heritage during times of war. Alyssa Buffenstein at artnet chronicles the multitude of losses throughout Iraq and Syria attributed to ISIS. She provides details and links about the crimes committed against the ten certified cultural heritage cites in these countries. She also provide links to more information about the Alliance for the Protection of Cultural Heritage in Zones of Conflict (ALIPH). The group, led by France and the United Arab Emirates, was founded in March and has so far raised $75.5 million from seven countries and an American Philanthropist for the protection of cultural heritage throughout the world.

The second topic is the forgery of cultural heritage objects. Simon Parkin at the Guardian wrote about a very interesting interview with Shaun Greenhalgh, an art forger who was arrested in 2006 and served four year in prison for his crimes. During his time in prison, Greenhalgh decided to write about his life as a way to keep himself so busy that other prisoners would not be able to ask him to do drawings for them. His writings have since become a book, A Forger’s Tale. In his book, Greenhalgh explains how he got into the business and how, since his release from prison, he has found a niche for himself legitimately reproducing masterpieces for television and other displays.

The final topic is the teaming up of scholars, cultural heritage institutions, and the police to catch criminals. An academic at Lund University in Sweden purchased a sixteenth-century Italian prayer book online. When he received the book, he found an ink stamp of the Royal Library of Turin on one of the pages. He contacted the Italian embassy in Sweden about this anomaly and after an investigation, the Italian Carabinieri art crimes squad found a book dealer in Turin involved in a crime ring specializing in the trade of books and artworks stolen from institutions throughout Italy.

Beyond this investigation, the Italian Carabinieri announced this week that they have recovered millions of dollars worth of paintings found in one villa near Turin. It was also announced that $100,000 worth of illegitimately exported artifacts were returned from a Manhattan Gallery back to Italy this past week. Since 2016, authorities in Turin have cracked down on the illicit trade in cultural heritage objects leading to the sequestration of 3,470 items. You can find more about the work of the Italian Carabinieri to protect cultural heritage in the Telegraph or on the artnet news site.

UPDATE: Parisian Art Thief and Accomplices Sentenced to Prison

still-life-with-candleWe mentioned on this blog earlier this month that Verjan Tomic was on trial in Paris for his role in the 2010 theft of five works of art from the Musée d’Art Moderne in Paris. To this day, none of the art has ever been recovered. Today, a judge sentenced Tomic to eight years in prison for his role in the crime. In addition to Tomic, Jean-Michel Corvez was sentenced to seven years in prison and Yonathan Birn was sentenced to six years in prison for their involvement in the crime. Beyond jail time, the three were ordered to pay restitution of €104 million, the estimated value of the paintings.

Corvez was an art dealer who supposedly commissioned the heist for €40,000 because he was interested in Ferdinand Léger’s Still Life with a Candlestick, 1922 (pictured) on behalf of an international collector. Tomic, who had a reputation for breaking and entering skills, carried out the crime for Corvez. When Tomic broke a window and a padlock to access the museum, he found that he did not trip the security system – the security system had been turned off due to false alarms as a result of over-sensitivity – so he had more time in the gallery than he expected. With this extra time, he decided to take other peices that caught his eye. In addition to the Léger, he took four other paintings including works by Braque, Matisse, Modigliani, and Picasso.

After the theft, Tomic relied on Birn, a watch dealer, who agreed to hide the paintings. When the investigation into the theft began to enclose on Birn, he panicked and supposedly destroyed the canvases to get rid of any evidence of a crime. During sentencing, it is reported that Birn broke down and stated that if he knew where the canvases were today, he would return them. Investigators doubt this and believe that the art is in the hands of unscrupulous dealers or collectors overseas.

Read more about this case in the Guardian, on the BBC News Website, or in Le Figaro (in French, with video).