A Publication of the Public Library Association Public Libraries Online

How to Avoid Becoming a Ransomware Hostage

by on March 10, 2018

Ransomware took down service at another public library system in January. Spartanburg County Public Libraries in South Carolina is in the process of recovery of their services. The ransomware infected servers and caused the loss of public computers, WiFi, the ability to borrow materials, holds notifications, as well as loss of digital services across the entire 10-library system. Library staff resorted to checking out materials the old-fashioned way for several days. Spartanburg opted not to pay the ransom demand, 3.6 to 3.8 bitcoins, an estimated $36,000. Services have been impacted for several weeks.1 The situation mirrors the one from last year in St. Louis, Mo., when 17 libraries lost service due to a ransomware attack.

Ransomware is a type of malware that encrypts all the files on a server or computer. It can spread through a network in a very short time once executed. The encrypted files are then unable to be opened without the encryption key. The attacker demands payment to unlock the files.2

In Spartanburg, the ransomware gained access to the system through email phishing, an attack method that is on the rise. Impersonation attacks are on increase, according to the Mimecast Email Security Risk Assessment. “Spear phishing” is a particularly dangerous type and targeted type of email attack. Attackers create a credible-looking spoof email and mimic the address. These attacks can sometimes request wire transfers or access to sensitive information.

The human factor is the greatest risk to computer security. The steps below will help keep you and your library secure in the virtual world.

Don’t click, even if it looks like a trusted source

It’s easy to do. You get an email that looks like a Google Doc from a colleague. You click the link, and next thing you know, everyone one your contact list is receiving phishing emails from your address.

Resist the urge to click. Closely check the sending email address. Make sure it comes from someone you expect to be receiving email from. Clicking links within an email is also risky. Links can redirect to websites with executable files. It’s possible the person sending you the email may have been hacked themselves, so even if you know and trust the sender, you should remain wary and on guard. Disabling links in your email application will help prevent errant clicking also.

Train everyone on basic online security practices

People are the weakest link in your cybersecurity defense. Anyone who uses your library computers is a possible vector for attack. Training staff and volunteers who use library systems is a key way to keep your systems secure. The most advanced antivirus software is no match to the user who is tricked into clicking something they shouldn’t.

Teach your staff not to click an attachment automatically and to watch for file extensions that might contain executable files, such as .exe or .zip. Microsoft’s 10 Immutable Laws of Security is a great resource to use as a training tool. It provides the whys behind computer security and provides strategies to protect your systems.

Keep your software up to date

Vendors release updates on a regular basis, providing security patches for known vulnerabilities. Be sure your systems are receiving these updates. It’s like plugging the dike against the ocean of malware out there. You need to keep systems maintained to prevent leak.

Back up your systems and files

A ransomware attack can bring all activity to a grinding halt, as we see in Spartanburg. Patrons depend on technology access in our modern-day libraries. Even our access to books depends on online catalogs and integrated library systems for checkout. Recovering from an attack means cleaning each device and recovering all the data. Having up-to-date backups makes this process go faster.

Below are some deeper articles on each of these topics. The world of cybersecurity grows more complex each day. Staying informed about the risks is a step everyone should take to build a wall of defense.


Lambert, Troy. “Protecting Your Library from Ransomware.” Public Libraries Online. March 2, 2017. https://publiclibrariesonline.org/2017/03/protecting-your-library-from-ransomware/.

Rubenking, Neil J., and Neil J. Rubenking. “Don’t Click That Link!” PCMAG. August 03, 2016. https://www.pcmag.com/article/346736/dont-click-that-link.


  1. Montgomery, Bob. “Spartanburg public library computer system hit by ransomware.” GoUpstate. January 30, 2018. Accessed February 11, 2018. http://www.goupstate.com/news/20180130/spartanburg-public-library-computer-system-hit-by-ransomware.
  2. Fruhlinger, Josh. “What is ransomware? How it works and how to remove it.” CSO Online. November 13, 2017. Accessed February 11, 2018. https://www.csoonline.com/article/3236183/ransomware/what-is-ransomware-how-it-works-and-how-to-remove-it.html.
  3. Brandon Vigliarolo | December 5, 2017, 8:37 AM PST. “Report: Email attacks increasing, but none as much as impersonation phishing.” TechRepublic. Accessed February 11, 2018. https://www.techrepublic.com/article/report-email-attacks-increasing-but-none-as-much-as-impersonation-phishing/.



Tags: , , ,