Skip to main content

Ransomware locked over 700 of its computers, but St. Louis library system refused to pay

Public Library sign
chrisdorney / 123RF Stock Photo
“Just say ‘no’ worked for the St. Louis, Missouri public library system. On January 19, 2016, a ransomware attack took down circulation and public access computers at all 17 library branches. The hackers demanded a $35,000 ransom to free up the 700-plus computers. Rather than roll over and pay, however, the library fought back, and by Monday, January 23, most services were back up and running, according to Threat Post.

When the ransomware attack struck, the first thing the library did was contact the FBI. Library IT staff used system and data backups to restore the affected servers after fully wiping them. On January 20, a core circulation system was restored and book checkouts were back in operation at all branches by January 21. On January 23, the last remaining node, the reserve system, was the only part of the library’s computer system not fully operational and that was expected shortly.

Related Videos

According to St. Louis Public Library Executive Director Waller McGuire, the source of the attack was not through email phishing, the most common ransomware infection vector. In a letter to patrons, McGuire said that the malware was installed via a network break-in, although the exact point of entry isn’t known. The ransomware software used in the attack is also unknown at this time.

McGuire assured patrons that their personal and financial data was not in jeopardy because it isn’t stored on library servers. The online circulation system for downloading books, movies, and music wasn’t affected, nor was the library’s Wi-Fi service.

“St. Louis Public Library has been working with the FBI to identify how criminals broke into our system and correct the problem,” McGuire said. “I apologize to patrons for any inconvenience this incident has caused: on most days thousands of St. Louis Public Library patrons check out materials and use computers for many purposes.”

Many stories about ransomware attacks on banks, hospitals, and schools end in the payment of ransom demands in order to get the data back and restore critical services as soon as possible. Just recently the Los Angeles Community College District paid a $28,000 ransom, using a cybersecurity insurance policy that covered the attack.

It’s worth noting that the St. Louis libraries were able to get back online quickly not just because the system has an IT staff, but also because they systematically back up their full systems, not just their data, and this allowed them to wipe clean and restore the servers promptly.

Editors' Recommendations

It’s not just you — Microsoft admits its patches broke OneDrive
Microsoft OneDrive files can sync between a PC and a phone.

If you’ve been experiencing OneDrive crashes and error messages, before digging too deep for a solution, note that it might be Microsoft’s fault. Common solutions like restarting, or signing out and back in won’t help because the issue is with the latest Windows 10 update.

Apparently, the problem begins after installing the 22H2 update for Windows 10 that was released on October 18, 2022. Today, Microsoft confirmed that after updating Windows 10, OneDrive might “unexpectedly close,” a nice way to describe a crash. This problem isn’t affecting Windows 11 computers and it’s still possible to use OneDrive via a browser.

Read more
The latest Firefox release redesigns its private browsing feature
A symbol of the Mozilla Firefox logo.

Mozilla is releasing its latest version of the Firefox browser as of Tuesday with a focus on privacy, accessibility, and customization, according to the brand.

The new release will include a number of features, but one notable highlight is the introduction of a shortcut button for Private Browsing mode that you can pin to your desktop. This is a feature intended for easy access to the feature that is typically found within the triple bar icon at the upper right corner of the browser or when right-clicking the Firefox icon on the Windows taskbar with a mouse or trackpad. While it might not be extremely tedious, this feature takes out some extra steps for those who wish to take advantage.

Read more
Meta found over 400 mobile apps ‘designed to steal’ Facebook logins
Social media mobile apps on a smartphone screen, all on a textured gray fabric background.

If you frequently use your Facebook login to sign into new mobile apps you've installed, you may want to pay attention to Meta's latest announcement.

On Friday, Facebook's parent company Meta published a blog post written by its Director of Threat Disruption David Agranovich, and Ryan Victory, a Malware Discovery and Detection engineer at Meta. The post detailed Meta's discovery of over 400 mobile apps "that target people across the internet to steal their Facebook login information." Essentially, Meta found hundreds of mobile apps that were "designed to steal"  the login information of Facebook users by having those users log in to these apps with their Facebook login information.

Read more