A ransomware attack hit Toronto Public Library. Here’s what that means
The Toronto Public Library (TPL) has confirmed the cybersecurity breach that caused a 10-day outage was brought on by a ransomware attack.
In a statement Tuesday, TPL said the cyberattack continues to impact some of the library’s services, including, but not limited to, accessing its website, digital collections and online access to user accounts. Library branches are still open, but public computers and printing services are currently unavailable.
A spokesperson for the library said a report with the Toronto Police Service has been filed. In its public statement, TPL said it is also working with third-party cybersecurity experts to resolve the situation.
“There continues to be no evidence at this time that the personal information of our staff or customers has been compromised,” the library said in the updated statement.
The TPL noted it “will take a week or more” before everything is fully restored but anticipates some services will be brought back sooner.
Daniel Tsai, technology and business lecturer at the University of Toronto, said ransomware attacks are typically carried out in a couple of ways where either someone clicks on a link, or downloads software through an attachment, providing a “backdoor access” for the hackers to take control.
“It’s basically a malevolent code that gets embedded into your system,” Tsai said.
“I don’t know the extent of what exactly is happening at TPL, but if they said it’s ransomware, then that means somebody, likely an employee, downloaded something or an attachment and activated a file – an executable file – that somehow compromised the system and [has] given, basically, hackers the ability to encrypt it and prevent access to that information by the institution.”
WHY WOULD HACKERS TARGET TPL?
This ransomware attack is just the latest to hit the province in an apparent spike of cyberattacks.
Earlier this month, six Ontario hospitals and health-care institutions confirmed some of their patient and employee data had been stolen in the same manner. A portion of that data has since been posted online.
Back in February, Canada’s largest bookstore chain Indigo Books & Music saw its payment systems go offline and the personal information of some current and former employees compromised.
“First of all, they try to pick targets that they think are going to pay good money,” Tsai said.
“They like going after places that have repositories of data, so that’s banks and public institutions, hospitals. But they also like going after entities that have very poor security, or at least, weak security.”
From the perspective of a cyber attacker, Tsai said TPL would likely be considered “low-hanging fruit.”
“This is all part of a growing trend, and it’s only going to get worse,” Tsai said. “We’ve seen it with hospitals already here in Ontario. We saw it with Indigo Books, and now with TPL. This is only just the beginning.”
WHAT INFORMATION ARE HACKERS LOOKING FOR? WHAT COULD THEY DO WITH IT?
Tsai said hackers are looking for sensitive information, like banking, social insurance numbers or employee data. With this information, he said hackers can engage in identity or credit card fraud.
“It depends on how widespread the attack is. Presumably, they tried to go after all the information,” Tsai said. “Employee data seems to be a treasure trove.”
With Indigo Books, for example, the retailer said in March the criminals behind the attack intend to make some – or potentially all – of the stolen data available through the “dark web.”
With regards to the TPL, Tsai said he thinks employee data would be the ”bigger prize” with cyberattacks since their financial information is likely linked.
HOW CAN ESTABLISHMENTS PROTECT THEMSELVES FROM RANSOMWARE ATTACKS?
Basic cybersecurity practices can prevent most ransomware incidents, according to the Canadian Centre for Cyber Security. This can include simulating cyberattacks to determine weak spots and based off the audit’s result, implementing proper features to ensure cyber defences are in place, Tsai said.
The Communications Security Establishment’s Canadian Centre for Cyber Security and the Royal Canadian Mounted Police urge Canadian establishments to review their networks’ cyber security, and have provided advice and recommended IT actions that they can adopt to curb the threat of a ransomware attack.
CTVNews.ca Top Stories
Cisco reveals security breach, warns of state-sponsored spy campaign
State-sponsored actors targeted security devices used by governments around the world, according to technology firm Cisco Systems, which said the network devices are coveted intrusion points by spies.
I just don't get Taylor Swift
It's one thing to say you like Taylor Swift and her music, but don't blame CNN's AJ Willingham's when she says she just 'oesn't get' the global phenomenom.
Toxic testing standoff: Family leaves house over air quality
A Sherwood Park family says their new house is uninhabitable. The McNaughton's say they were forced to leave the house after living there for only a week because contaminants inside made it difficult to breathe.
Loud boom in Hamilton caused by propane tank, police say
A loud explosion was heard across Hamilton on Friday after a propane tank was accidentally destroyed and detonated at a local scrap metal yard, police say.
More than 115 cases of eye damage reported in Ontario after solar eclipse
More than 115 people who viewed the solar eclipse in Ontario earlier this month experienced eye damage after the event, according to eye doctors in the province.
Student anti-war protesters dig in as faculties condemn university leadership over calling police
Students protesting the Israel-Hamas war at at universities across U.S., some of whom have clashed with police in riot gear, dug in Saturday and vowed to keep their demonstrations going, while several school faculties condemned university presidents who have called in law enforcement to remove protesters.
'Do I ghost her again?': Quebec minister's office ignores questions on housing as a human right
The office of Quebec Housing Minister France-Élaine Duranceau prefers to openly ignore journalists' requests.
Decoy bear used to catch man who illegally killed a grizzly, B.C. conservation officers say
A man has been handed a lengthy hunting ban and fined thousands of dollars for illegally killing a grizzly bear, B.C. conservation officers say.
opinion RFK Jr.'s presidential candidacy and its potential threat to Biden and Trump
Although it's still unclear how much damage Robert F. Kennedy Jr.'s candidacy can do to either Joe Biden or Donald Trump this election, Washington political columnist Eric Ham says what is clear is both sides recognize the potential threat.