A Publication of the Public Library Association Public Libraries Online

Ransomware on the Rise: Protecting Library Systems

by on July 29, 2024

In today’s digital landscape, cybersecurity threats continue to evolve, and one of the most pervasive among them is ransomware. A recent Library Journal article defined ransomware as “malware that encrypts files throughout a targeted network, blocking access to a victim’s data and enabling cybercriminals to demand a ransom for unlocking the files.” Ransomware poses a significant risk to organizations worldwide, including libraries and local governments, despite these institutions often being underfunded and unable to pay large sums. Recent statistics from SANS, the world’s largest cybersecurity research and training organization, reveal an alarming trend: ransomware attacks surged by 73% in 2023 compared to the previous year. These statistics emphasize the increasing sophistication and frequency of these cyber assaults and the importance of cybersecurity.

Libraries, critical sources of information and community support, usually need more money for strong cybersecurity teams or tech experts to protect against threats. The impact of ransomware on library services can be profound, disrupting access to critical resources and compromising the integrity of patron data. Imagine a library unable to provide essential digital services or access to electronic resources due to a ransomware attack—it’s a scenario that underscores the importance of preparedness in the face of cyber threats. Recently, the Seattle Public Library experienced an attack that did just that, disrupting access to staff and public computers, online catalogs, wi-fi, library websites, e-resources, and more.

Charlotte Mecklenburg Library and Mecklenburg County faced a similar ransomware attack in 2017. Michael Engelbrecht, the Library Technology Director, stresses the importance of taking proactive steps. He emphasizes “staff behavioral changes,” such as ensuring customer flash drives are only accessed on public PCs rather than staff computers. This precaution, though seemingly minor, can prevent the accidental spread of malware within a library’s network.

One of the most common infiltration tactics cybercriminals use is distributing ransomware via email phishing attacks that trick a user into opening a dangerous file attachment. Mecklenburg County has begun to use “simulated phishing attacks” to test staff. Those who report the phishing email receive a message telling them they successfully identified a simulated phishing attack. Those who click the link receive a message that explains why this email should be reported and not opened.

In addition to the staff behavioral training above, libraries can adopt several best practices recommended by the U.S. Federal Bureau of Investigation:

  1. Keep operating systems, software, and applications current and up to date.
  2. Ensure anti-virus and anti-malware solutions are set to update and run regular scans automatically.
  3. Back up data regularly and double-check that those backups were completed.
  4. Secure your backups. Ensure they are not connected to the computers and networks they are backing up.
  5. Create a continuity plan in case your business or organization is the victim of a ransomware attack.

Because it had followed these best practices, Mecklenburg County refused in 2017 to pay the hackers their ransom of $23,000, choosing instead to rebuild the affected systems from scratch using its backed-up data. In the New York Times, Dena Diorio, Mecklenburg County Manager, said, “I am confident that our backup data is secure, and we have the resources to fix this situation ourselves.”

As digital threats continue to evolve, staying informed and prepared remains paramount in defending against the potentially devastating consequences of ransomware.
