Libraries hit with ransomware attack


Eddy Cordero

The San Ramon Library was among the libraries throughout Contra Costa County impacted by a ransomware attack.

Friday, Jan. 3 was just another normal day at Contra Costa County libraries, until a ransomware attack struck, forcing them to close their systems and lock out library patrons. 

The problems persisted through Jan. 22, affecting all 26 community libraries in Contra Costa County and the administrative office in Martinez.

“A lot of people rely on the WiFi and free services, and because of the ransomware attack, it was harder for them to do every day work,” said sophomore Richa Prabhakar, who studies at the library every week. 

The US Department of Homeland Security (DHS) website describes ransomware as “a type of malicious software… designed to deny access to a computer system or data until a ransom is paid.”

“One of the core tenets of libraries is privacy,” Cal High’s librarian Nicole Ogden said. “[The incident ended up] highlighting to all of us that our data is not as secure as we thought it was. 

“You have to understand that there’s an inherent risk” Ogden continued. “Anything you transmit is available for hacking.” 

The county library system sent patrons an email about the initial attack and additional emails providing updates.

“It’s always wise to monitor your personal information on a regular basis,” the email read.

Senior Kendra Lin, who also studies at the library every week, had never heard of ransomware before. 

She said that she usually practices internet safety habits, but that she has been subject to hacking before.

“When I’m using the internet and making accounts, I don’t put up very personal information,” Lin said. “My email has been hacked multiple times before, but I usually just blow it off and ignore it after changing my password.”

While organizations like the county library system are often targeted, individuals may also be subject to ransomware attacks through phishing emails or infected links. The DHS recommends that users always update software, avoid opening attachments in unsolicited emails, and practice safe internet browsing.

While some victims of ransomware pay the ransom and others hire data recovery experts, the DHS notes there is no guarantee that files will be recovered.

The ransomware targeted the library catalog servers. In a statement emailed on Jan 4., the public was assured that their personal information is secure.

“The library has no evidence that any personal patron data has been compromised,” the email read. “The server that stores patron data related to library card accounts and transactions was not affected.”

 The library worked with local authorities and IT experts to resolve the issue.

“The affected servers have been taken offline,” the email read. “It may be several days before all library services are fully operational.”

Lin noted that the attack heavily impacted the community, especially those who use library services like she does.

“[The library is] an important part of the city,” Lin said. “Students often go there after school to study, and other children and adults rely on it to read and check out books.”

She also said that while she was not worried about her personal information, the ransomware attack likely scared many patrons.

All 26 community libraries remained open after the attack, with visitors checking out and returning books as usual. But internet access and WiFi was shut down for three weeks at all locations, and was only restored on Jan. 22. 

“I think the biggest impact it had was on the online accounts,” Lin said. “No one could log in to check their accounts, and they couldn’t put anything on hold either. It was kind of inconvenient for me.”

This was a big hassle for students who use the library to study and do homework.

“When I [went] to write an essay, there [were] fewer computers instead of the usual 30,” Prabhakar said.

With systems down, librarians switched to old-school methods of checking out books. By keeping physical records of library card numbers, names, and ISBN codes, librarians continued to loan books out although the catalog was down.

“Part of library use is access to technology,” Cal librarian Stacey Quick said. “Libraries and technology go together in ways to improve access to information and resources.”

Ogden stressed the importance of protecting libraries, citing the ransomware attack as evidence that library systems need help from the community in order to match the obstacles of the 21st century.

“Libraries are one of the true democratic institutions of our country,” Ogden said. “It’s up to our community to support libraries and fund the cybersecurity they need.”

“It’s nice to know if you ever need anything, you can go to the library,” said Prabhakar.