Daviess County Public Library is still experiencing the effects of a ransomware attack that first targeted the facility in April. The ransomware attack has limited access to some of DCPL’s computers at least twice in three months because the original issue was not fully resolved.
Ransomware is malicious software that prevents access to systems or data until a ransom fee is paid to the attacker. Once a network has been infected with ransomware, the malicious software attempts to spread to storage drives and other accessible systems. According to DCPL, no personal information regarding DCPL patrons has been accessed during this particular attack.
So, why would a public library be targeted for an ongoing ransomware attack? According to DCPS Director Erin Waller, this type of incident isn’t uncommon for libraries and other small, government-run agencies.
“Not specifically us, but entities like us,” she said. “Smaller governmental entities with a network setup like ours.”
According to the United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), these type of ransomware attacks are leveraged by deleting data from the victim’s computer system, or by making it unavailable.
Waller previously told the Owensboro Times that the recovery process from this attack would be lengthy.
“We have had a technician from a company out of Bowling Green that has helped with a few things, and we consulted with a gentleman out of Dallas who is familiar with this kind of attack,” Waller said. “Our vendor, Polaris, and our IT staff — Brian Lashbrook, Wesley Johnson and our Collections Manager Alicia Harrington — have done the majority of the work.”
No subsequent threats have been made since the initial threat, Waller said, and DCPL’s refusal to pay the demanded ransom still stands.
For now, all operations at DCPL are running smoothly with the exception of the at-home catalog, library patron account access and the library’s self-check system.
DCPL staff have continued to be lenient regarding late fees, but it all “depends on the situation,” Waller said.
The three-month ransomware attack has been a stressful experience for all involved, Waller said.
“It has been very stressful for all staff, especially the IT staff, who have worked longer hours,” she said. “Mostly for front line staff, it has been stressful because we have had to do things in different ways than usual. But most patrons have been very patient and understanding, so that helps tremendously.”
According to Waller, all of the library’s subsequent issues have been related to the first attack.
“After the second occurrence, we were able to gain more information about what was happening so we could better address the issues,” she said.
