Two days after London’s public libraries suffered a “major systems failure” that took down everything from its website to its book catalog, the culprit remains unknown.
In a Facebook post Friday, the library said the closure “appears to be the result of a cyber incident.”
“We anticipate that it will take some time for systems to be restored. We are working with experts and will provide updates as more information becomes available and services are restored. Keep sharing.”
Our Carson, Glanworth and Lambeth branches will remain closed until January 2nd. Learn more about how the outage affected your service. here.
This network outage comes at a time when many public institutions around the world, including libraries, have been targeted by ransomware attacks.
In such attacks, criminals infect an organization’s computer network with malware, causing the system to malfunction. The criminals then demand money to restore the system. It is often combined with the threat of posting personal or sensitive information on the dark web. Targeted organizations may also be required to pay to prevent information from being released.
Toronto Library still under restoration
Toronto’s public library was hit by a ransomware attack on October 28th, and staff are still working to restore it.
in public statement, the Toronto Library announced that criminals stole “a large amount of files” from its internal servers. The Toronto library did not pay the ransom, but employee information may have been stolen, including names, social insurance numbers, dates of birth, home addresses and, in some cases, copies of government-issued IDs. He said he confirmed that.
The British Library was hit with a ransomware attack on October 31st. Guardian report A mysterious ransomware group called Rhysida has claimed responsibility for the attack.
Why target libraries?
So why do cybercriminals target libraries instead of banks?
Alexander Essex, a Western University professor and cybersecurity expert, said libraries are often seen as easier targets.
He said: “Small local authorities are setting increasingly attractive targets simply because their IT infrastructure resources are not as sufficient at that level.”
In London, the library network is separate from the city network. Earlier this year, the city approved spending an additional $1 million to defend against cyberattacks, which city officials say are becoming increasingly common.
Charles Finlay leads the Rogers CyberSecure Catalyst at Toronto Metropolitan University. He said that while personal data may have resale or ransom value, the motivations of cybercriminals vary widely.
“Some of these attackers are simply trying to disrupt important institutions that serve our society,” he said.
Still, he said this is an expensive problem and organizations need to train their staff to prevent it.
“Ransomware attacks are occurring at crisis levels across Canada, and ransomware is a multi-national, multi-billion dollar industry.”
Sometimes cybercrime pays off
In 2019, the city of Stratford, Ontario was hit by a ransomware attack. In this case, the attackers encrypted the town’s servers, effectively rendering them inoperable. The town paid the attacker a total of 10 Bitcoins (worth $7,509.13 each at the time), bringing his total payout to him $75,091.30. However, the town also had an insurance policy that limited the town’s liability to a $15,000 deductible.
Essex and Finley agree that most public agencies are not devoting enough resources to securing their systems.
Finlay said it can cost much more to repair the damage from a single successful cyberattack than to defend against it.
“Once the attack happens, you go into a different mode,” he says. “The best time to invest is before it happens.”
Finlay also said that attacks have become so common that it is almost inevitable that all public institutions, large and small, will eventually be targeted.
“It’s not a question of if, it’s a matter of when,” he said. “These organizations and local governments are going to be attacked. If it hasn’t happened yet, it will happen. So these investments need to be made now.”