The recent ransomware attack on the Seattle Public Library highlights a growing trend in cyber threats targeting public institutions such as libraries. This attack is not an isolated incident, as libraries in Toronto and London have also recently suffered major cybersecurity breaches that disrupted services for several months. Ransomware attacks rose significantly last year, with hackers exploiting software vulnerabilities to make data inaccessible and demand high payments from victims. Despite limited resources, public libraries are appealing targets for ransomware attackers due to their role in providing essential public services.
Government-related entities, including libraries and school districts, are targeted by ransomware attackers because of the urgency in restoring services that make a vital difference to the community. These organizations typically lack well-funded cybersecurity teams and struggle to defend against individual threats. A report by the Center for Internet Security highlights ransomware as one of the most common and significant cyber threats affecting states and localities. The attacks on the British Library in London and the Seattle Public Library serve as a wake-up call for other library systems to strengthen their security defenses against cyber threats.
Ransomware attackers commonly use phishing emails or exploit unpatched vulnerabilities to gain access to networks. Once inside a network, hackers can easily move laterally and access multiple computers, installing ransomware on all devices. The recent attack on the British Library was traced to compromised account credentials on a third-party access system. Organizations are advised to have recovery and rebuild plans in place, enable two-factor authentication, and keep critical systems up to date with patches. Restricting user access and permissions to only what is necessary for their job requirements can help reduce the attack surface for bad actors.
The Seattle Public Library’s response to the ransomware attack included engaging third-party forensic specialists, contacting law enforcement, and taking systems offline to assess the impacts. While the attack disrupted access to staff and public computers, e-books, and the library website, physical materials were still available for checkout using paper forms. The Library’s communication strategy, including updates on the incident via their Shelf Talk Blog, has been praised for enabling the public to continue using the library while being transparent about the services available. The attacks on public libraries are seen as an attack on civil society and the essential services they provide to promote equity, access to information, and openness for all.
In response to the growing threat of ransomware attacks, cybersecurity experts emphasize the importance of proactive security measures such as testing recovery plans, implementing two-factor authentication, and maintaining up-to-date patches on critical systems. Organizations are advised to ensure that user access and permissions are limited to what is necessary for their job roles to reduce the attack surface for potential threats. The recent attacks on public library systems serve as a reminder for all organizations to prioritize cybersecurity measures and be prepared to defend against evolving cyber threats in an increasingly digital landscape.
