Ontario public library shuts down most services due to cyberattack

Avatar

A popular library in Ontario, Canada was forced to shut down most of its services this week due to a cyberattack — the latest library to face issues after hackers infiltrated its systems.

The London Public Library, which services the Canadian city’s 422,000 residents, posted an alert on Wednesday afternoon warning that several branches would be closed indefinitely.

While in-person borrowing and library programs remain available, its phones, email, WiFi, website, catalogs, printers, computers and digital resources are no longer accessible. Customers also are unable to place holds on items.

By Thursday morning, the library had confirmed that it is experiencing a “major” systems outage caused by a cyberattack.

“Experts have been engaged and investigations are underway. We expect that it could take some time to restore our systems,” they said.

The library announced that the Carson, Glanworth and Lambeth branches will be shut down until January 2. The library has a total of 16 branches.

The library offered customers access to newspapers and some digital catalogs through other platforms but its own catalog is still out of commission.

Virtual programs through Zoom have been canceled as well. Local news outlets reported that many low-income residents in the city use the library’s WiFi as their only access to the internet.

“The library is not a nice-to-have,” City Councilmember Sam Trosow told The London Free Press. “It’s a critical piece of our infrastructure that is essential to people’s well-being.”

The attack on London Public Library comes weeks after two of the biggest libraries in the world were hit by ransomware gangs. Toronto Public Library — Canada’s largest public library system, serving more than 1.2 million members with more than 12 million items spread across 100 branches — confirmed it had been hit with ransomware in October.

In addition to operational issues, the library warned that it refused to pay a ransom, meaning the troves of data stolen about its customers would likely be leaked onto the dark web.

A week after the attack on Toronto Public Library, the British Library announced that it too was struck by ransomware actors.

One of the largest libraries in the world and the national library of the United Kingdom, it faced dozens of technological issues after the incident.

Major library supplier Baker & Taylor struggled for weeks in August 2022 to bring systems back online after a ransomware attack, and a popular German library service notified its users in May 2022 of a range of issues connected to a cyberattack targeting service provider EKZ.

The attacks on libraries across the globe has even prompted U.S. officials to propose the creation of a program specifically designed to collect data about the cybersecurity and advanced firewall services that would best help libraries defend themselves from hackers.

Emsisoft ransomware expert Brett Callow warned that while libraries may not seem like lucrative targets, they often carry the kind of cyber insurance that will pay out ransomware hackers in the event of a devastating incident.

“Whether multiple libraries being hit on the space of a few weeks of each other is coincidental is unclear. Whatever the case, it shows that organizations which may not be perceived to be the most lucrative of targets are nonetheless in the criminals’ crosshairs,” he said.

“While libraries may not have enormous cash reserves, they often do have cyber insurance which covers the cost of a ransom — and that makes them targets.”

NewsCybercrime
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Microsoft disrupts credentials marketplace, warns of gift card fraud, OAuth abuse

Next Post

Seattle cancer center confirms cyberattack after ransomware gang threats

Related Posts

DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack

A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. “During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting the Microsoft Windows SmartScreen bypass
Avatar
Read More

TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer

A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. "This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors," Proofpoint said. "Additionally, the actor appeared to
Avatar
Read More