Paving the Path towards Healing
In a series of cyber-attacks that have shaken the library community, several public libraries in North America have faced ransomware attacks in recent months. This article provides an overview of the incidents at the Toronto Public Library (TPL), Seattle Public Library (SPL), and Orion Township Public Library.
The crisis at TPL, accelerated by a devastating breach in October 2023, propelled the library's long-term digital priorities into high gear. With all 100 library branches remaining open during the attack, staff worked tirelessly to maintain services. Manual checkouts were implemented, creating a backlog of work that later needed to be digitized.
In a similar incident, the Seattle Public Library faced a ransomware attack in May 2024, carried out by the hacker group LAPSUS$. The attack affected more than 1,000 computers systemwide, requiring a comprehensive recovery process. Libraries in Boston, the British Library, and Singapore offered support during this challenging time.
Orion Township Public Library in Michigan also experienced a ransomware attack, halted in October 2023. However, the source of the malware could not be fully traced due to the servers being disconnected during the attack. Recoverable copies in deleted folders allowed the library to restore systems within days, thanks in part to assistance from their cyber insurance plan.
Toronto's emergency plan, implemented on day one of the breach, included a Cyber Response Leadership Team, a Library Operations Centre, and a Management Response Team. Legal counsel was also engaged to navigate the complexities of the situation. IT staff meticulously quarantined and checked each library computer for malware during the recovery process.
Seattle Public Library engaged several outside consultants, including cybersecurity firms Critical Insight and Alvaka, after detecting signs of an intrusion. Once services had been fully restored in February 2024, staff processed new library card registrations first, then worked through 1.4 million returns—stored in 15 semi-trailers—and renewals.
At TPL, digital systems, including public computers, the library website, catalog and account access, and some digital materials and databases went offline during the attack. However, the library quickly launched a temporary site in December while working on a permanent rebuild.
The ransomware attack at Orion Township Public Library was already in progress when it was stopped. Despite the challenges, the library was able to recover and continue serving its community. These incidents serve as a reminder of the importance of robust cybersecurity measures in today's digital age.
Read also:
- Companies exercise prudence towards AI adoption, ensuring secure implementation: Exploring safeguards and strategies.
- Stolen Brain Data of Sinner and Leclerc (Yellow chroma), previously held in China, repurposed for military training purposes.
- Increased instances of Russian-originated disinformation on social media platforms detected following the shooting of Kirk
- Financial researchers at Carnegie urge immediate efforts to counteract cyber threats in the financial sector
