1. Computing

Ransomware locked over 700 of its computers, but St. Louis library system refused to pay

By

Public Library sign
chrisdorney / 123RF Stock Photo
“Just say ‘no’ worked for the St. Louis, Missouri public library system. On January 19, 2016, a ransomware attack took down circulation and public access computers at all 17 library branches. The hackers demanded a $35,000 ransom to free up the 700-plus computers. Rather than roll over and pay, however, the library fought back, and by Monday, January 23, most services were back up and running, according to Threat Post.

When the ransomware attack struck, the first thing the library did was contact the FBI. Library IT staff used system and data backups to restore the affected servers after fully wiping them. On January 20, a core circulation system was restored and book checkouts were back in operation at all branches by January 21. On January 23, the last remaining node, the reserve system, was the only part of the library’s computer system not fully operational and that was expected shortly.

According to St. Louis Public Library Executive Director Waller McGuire, the source of the attack was not through email phishing, the most common ransomware infection vector. In a letter to patrons, McGuire said that the malware was installed via a network break-in, although the exact point of entry isn’t known. The ransomware software used in the attack is also unknown at this time.

McGuire assured patrons that their personal and financial data was not in jeopardy because it isn’t stored on library servers. The online circulation system for downloading books, movies, and music wasn’t affected, nor was the library’s Wi-Fi service.

“St. Louis Public Library has been working with the FBI to identify how criminals broke into our system and correct the problem,” McGuire said. “I apologize to patrons for any inconvenience this incident has caused: on most days thousands of St. Louis Public Library patrons check out materials and use computers for many purposes.”

Many stories about ransomware attacks on banks, hospitals, and schools end in the payment of ransom demands in order to get the data back and restore critical services as soon as possible. Just recently the Los Angeles Community College District paid a $28,000 ransom, using a cybersecurity insurance policy that covered the attack.

It’s worth noting that the St. Louis libraries were able to get back online quickly not just because the system has an IT staff, but also because they systematically back up their full systems, not just their data, and this allowed them to wipe clean and restore the servers promptly.

Best cheap Asus laptop deals for July 2021

asus zenbook 14 ux425 review 2020 07

Best cheap lap desk deals for July 2021

best lap desk deals costway

Is a touchscreen laptop worth the money? Maybe with this Dell XPS deal

Dell XPS 13 2-in-1 laptop on white background.

Why a Chromebook is the perfect back-to-school laptop

HP Chromebook on a white background.

Microsoft Teams will now protect you against phishing attacks

A close-up of someone using Microsoft Teams on a laptop for a videoconference.

We can’t believe how cheap the Microsoft Surface Pro 7 is at Best Buy

microsoft-surface-7-pro-with-type-cover

Lenovo’s back-to-school laptops slashed to almost nothing at Staples

lenovo ideapad flex 5 notebook deal staples july 2021 in silver

The PDF reader in Microsoft Edge is getting a big update

microsoft edge worth switching to browser

Amazon discounts iPads by nearly $100

iPad Air 4th Generation

Dell XPS 13 laptops are unbelievably cheap today

dell xps 13 laptop deal july 2021 jpg 2 720x720

Gaming laptops and gaming desktops get crazy discounts at Dell

Alienware Aurora R12 gaming desktop.

These HP Chromebook deals will save you tons on back-to-school gear

best laptops for high school students hp chromebook 14 2021 1

The best VPN services for 2021

best VPN services