Ransomware attack hits St Louis Public library

Ransomware attack hits St Louis Public library

If you were trying to use the public computers at St Louis Public Library this week you may have experienced more than your fair share of problems.

If you were trying to use the public computers at St Louis Public Library this week you may have experienced more than your fair share of problems.

If you were trying to use the public computers at St Louis Public Library this week you may have experienced more than your fair share of problems.

The reason? A ransomware attack struck the library’s server, preventing some 700 PCs at 16 of library locations from working properly, and preventing the checking out of books.

According to media reports the unnamed ransomware managed to infect the public library’s systems late on Wednesday or early Thursday.

CNN reports that the criminals behind the ransomware attack demanded $35,000 in Bitcoin for the decryption of files scrambled by the crypto-malware.

Just as with the ransomware attacks that have disrupted hospitals and medical centres in the past, it’s easy to get a picture from this incident of just how a malware outbreak can impact the general public.

After all, consider this question: who is most likely to be a regular user of the computers in a public library?

Chances are that it is predominantly young children, students, and those members of the public who cannot afford to have their own computer and internet connection. For these people it may be their only accessible route through which they can stay in touch with their family, work on their studies, or apply for employment opportunities.

Ransomware doesn’t discriminate – it hurts the luckiest in society, and the most disadvantaged. It doesn’t care whose computers it infects, and what impact it has on their users. Its only interest is earning as much money as possible for its criminal creators as possible.

Thankfully, the library does not keep its book catalog on the infected computer system, and so it escaped being put at risk. In addition, the server did not store personal information, or indeed financial information, of the library’s users or staff.

“The good news is, St. Louis Public Library does not store patron or staff personal information — or financial information on our server. No data from the public has been compromised in any way,” said library spokesperson Jen Hatton.

The other good piece of news is that the library had a backup, which means that they haven’t been forced into a corner, and can – if they wish – choose to avoid paying their extortionists.

Of course, that doesn’t mean it’s necessarily a simple process to fix the affected computers and restore data back to systems. Recovering that much data and that repairing that many PCs can be a time-consuming process, and the library warned that it may be weeks before operations completely return to normal.

That decision as to whether to pay the ransom or not is a complicated one, and there have been a number of organisations in the past which have made the difficult decision to give in to the extortionists’ demands – sometimes even when a backup does exist in order to get systems back online faster.

The library has informed the FBI about the attack. Again, that’s a good decision. A crime has been committed, and even if the chances of capturing the perpetrators might be remote it’s important that evidence about attacks is collected.

Ransomware isn’t going away. It’s one of the most significant trends to have hit the computer security industry in recent years.

Make sure that your company and home computer is properly protected against threats with a layered defence. And yes, that includes having a proper backup regime.

Discussion