Douglas County Libraries hacked by overseas criminal group | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

It’s been over a week since Douglas County Libraries were the victim of an international cyber-attack and they’re still in negotiations with that criminal group.

“Early Sunday morning on January the 14th, there were alarms set off on our network,” said Executive Library Director Bob Pasicznyuk.

The entire system, from the online catalog to placing holds and even checking out books in person wasn’t working.

When the library’s IT team investigated, they found a calling card left by hackers.

“There was a note left on the server to contact the bandits doing this,” said Pasicznyuk. 

It was a cyber-attack by a hacker group called “Playcrypt,” believed to be linked to Russia. In October, the FBI issued a cybersecurity advisory about the group, stating they’ve been behind at least 300 known ransomware attacks worldwide.

But why would they target a library? 

“We asked that question and we’re never going to know,” said Pasicznyuk, “even though we’re not a part of the county government, maybe they thought we would be able to infiltrate that group, but who knows?”

Pasicznyuk does not believe the recent controversy involving the library board choosing not to ban certain books was a factor.

“No, I think this is pure economics,” said Pasicznyuk. 

It’s not clear how the hackers got into the system. Pasicznyuk says the library recently had a cybersecurity audit and received an  A+ rating. Luckily, the library has cybersecurity insurance, and they’re working with a cybersecurity firm to recover from the hack. 

“They do all the discussion if any needs to be done with the perpetrator,” said Pasicznyuk.

The library is not sharing the hackers’ demands or if they’re complying, but says they are in ongoing negotiations. 

“I use the library online a lot so I hope my information isn’t at jeopardy of being hacked,” said library user Jean Doran. 

Pasicznyuk says no personal information of library users was compromised. 

“We capture precious little about a customer, and that particular system wasn’t touched in this event at all,” said Pasicznyuk.

After a one-day system blackout, the library has slowly been re-activating services. The last week has been a return to the old-school library experience.

“Kids were still coming to story times, people were checking out books, we were getting people into rooms and doing all of the things that we do, but without technology,” said Pasicznyuk.

Now, about half of online library services have been restored, Pasicznyuk says most of what hasn’t been is internal. Library users can expect intermittent website disruptions in the next few weeks as service is fully restored.  


Click Here For The Original Story From This Source.

National Cyber Security