Ransomware continues to be utilized by internet criminals all over the world. Earlier this week, the libraries of St. Louis have been crippled by a ransomware attack. Public terminals provided by the library to the poor and vulnerable of the city had to be shut down as a result. Moreover, any system related to processing book and material lending remained inaccessible for quite some time.
As one would come to expect from a ransomware attack, the criminals demanded a hefty amount of bitcoins. In fact, they were hopeful of scoring a US$35,000 payday by infecting the St. Louis libraries. Right now, the FBI is investigating this matter, although no further information has been made public. We do know these library systems do not store sensitive user data, and no personal information has been exposed.
Unknown Ransomware Causes Havoc
Considering how the St. Louis libraries are mostly used by schools and children, this attack is quite troublesome. In some cases, it is people’s only access to the Internet. Most libraries allow users to perform basic internet activity in exchange for a small fee, or even free of charge. Those systems have now been compromised as well, and it is unclear when services will be restored.
To make matters even worse, the libraries WiFi access is turned off as well. This ransomware infection has infected all of the library’s systems, which affects all of their services. Not being able to lend or return books are troublesome as well, although these operations can be completed with pen and paper for the time being.
Moreover, the ransomware attack expertly targeted by the library’s centralized computer server. Staffers are unable to send and receive emails, as those services are also locked down until the infection is removed. In fact, one spokesperson made a mention of how the staff’s email system is “destroyed”. It remains unclear what type of ransomware was used during this attack, though.
What is of particular concern is how the St. Louis library may not have any data backups to resolve this matter quickly. If they did, the ransomware infection would not be much of a problem to deal with. It is positive to note they are not willing to pay the US$35,000 in Bitcoin, though. Paying the ransom after a malware attack is never a guarantee to have system access restored.
Header image courtesy of Shutterstock