London Public Library is still not fully back on its feet after a cyberattack crippled services four months ago, an official says.
London Public Library is still not fully back on its feet after a cyberattack crippled services four months ago, an official says.
Advertisement 2
Article content
On Dec. 13, hackers shut down library phone lines, its website and computer systems, including public access to the internet that for many low-income Londoners represents their only online connection. The library closed three branches for several weeks to consolidate staff.
Article content
By January, all of the library’s computers and printers were working again, and its programs were back on track. But four months in, the library’s website is still not fully operational, said spokesperson Ellen Hobin.
“It’s not the current website; it’s being able to host the website in a secure environment that’s the issue. It’s the only remaining public piece,” she said. “It holds a lot of information and detail because the library offers so many things.”
Advertisement 3
Article content
Library staff have been getting around the problem by offering people links that take them directly to their catalog, she said.
Not having the website makes it inconvenient for patrons to access forms they need for services the library offers, Hobin added. “It’s not that they aren’t available, it’s just that it’s hard for people to find that information.”
Hobin said it’s still too early to know what full cost of the cyberattack.
“We’re not on the other side to give a total,” Hobin said.
Recommended from Editorial
Brett Callow, a cyber threat analyst, says recovery from a cyberattack is “a long, complex and often very expensive” process.
Advertisement 4
Article content
“Last year, as far as ransomware goes, it was probably the worst on record,” he said. “Cybercriminals made $1.1 billion in ransoms, most of that came for North American organizations.
“They are therefore better resolved and more motivated (to attack cybersecurity systems) than at any point in the past.”
Hobin said earlier this year the library refused to pay a ransom in order to unlock their systems.
Callow said the reason some companies pay ransoms to hackers – many of whom are operating out of eastern European countries – hinges on their backup data.
“Many organizations typically have backups,” he said. “Some organizations have paid simply because they believe it’s a faster path to recovery than using the backups. Others also get a pinky promise from the criminals that the data will be deleted and not be misused.”
Advertisement 5
Article content
Funded almost entirely by city hall, the library – which expects around two million visitors in 2024 – has an annual budget of more than $20 million and operates a network of 15 branches across the city in addition to its downtown location.
Other local attacks
- TransForm Shared Services Organization. An attack on the IT company behind five hospitals west of London compromised the data of 270,000 patients, according to the hackers. The attack, detected in late October, hit Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital.
- Town of St. Marys. HAS cyberattack on this town northeast of London in July 2022 crippled its computer systems and locked staff out of the administration’s internal server. St. Marys hired cybersecurity consultants from Deloitte Canada to respond to the attack and investigate.
- Elgin County administration. Tea personal information of more than 300 people was compromised in an April 2022 attack that knocked out the county’s website and emails for more than a month.
- Woodstock city hall. This September 2019 ransomware attack locked city staff and officials, including at the Woodstock Police Service, out of their emails and system data. Though no money was paid to the hackers, it cost the city approximately $670,000 to dig out from the three-week cyber attack.
- Stratford city hall. A crippling cyber-attack on Stratford’s computer systems in April 2019 led city hall to pay a ransom of more than $75,000 in Bitcoina digital currency, to the hacker.
Article content