
SoylentNews is people

posted by on Wednesday January 25 2017, @09:51AM
from the we-don't-negotiate-with-terrorists dept.

Apparently it's the library's turn to pay a fine.

Libraries in St Louis have been brought to a standstill after computers in all the city's libraries were infected with ransomware, a particularly virulent form of computer virus used to extort money from victims.

Hackers are demanding $35,000 (£28,000) to restore the system after the cyberattack, which affected 700 computers across the Missouri city's 16 public libraries. The hackers demanded the money in electronic currency bitcoin, but, as CNN reports, the authority has refused to pay for a code that would unlock the machines.

As a result, the library authority has said it will wipe its entire computer system and rebuild it from scratch, a solution that may take weeks.



 
  • (Score: 2) by looorg on Wednesday January 25 2017, @01:38PM

    by looorg (578) on Wednesday January 25 2017, @01:38PM (#458472)

    None of the public machines should have any kind of information stored on them that was vital or worth a single bitcoin, information shouldn't even be allowed to be stored on them. So they should just be wiped without even having to think about it. That they are not automatically wiped on a nightly basis is baffling by itself. If you have 700 machines open to the public it's not like you are going to go around maintaining them one by one anyway, or is that how it works in the public sector of St. Louis? I guess that would be one way of creating job-security. The next question is why are all these systems even connected to each other? How can you let public computers share a network with your "work" systems (various servers and maintenance systems plus the book lending system)? This just seems like incompetence. The public machines shouldn't even be allowed to come anywhere near the important systems, and the other way around - important machines shouldn't connect to unsecure machines, they should be treated like they all have the plague. If it turns out to be true that the infection point is a central server, and that then replicated the malware out to all the machines, then that is even worse. What are they doing running unknown software (or clicking funny email attachments) on the server?

    That said the expense is in some part just fiction. No computers were destroyed. All is already paid for. What is wasted is time. Time that has also already been paid for in the form of salaries. Actual cost minimal or nothing, value of the lesson? Priceless? Hopefully.

  • (Score: 3, Insightful) by damnbunni on Wednesday January 25 2017, @02:16PM

    by damnbunni (704) on Wednesday January 25 2017, @02:16PM (#458486) Journal

    The time costs money.

    'Time that has already been paid for in the form of salaries'? Er, no. Even assuming the workers are salaried, instead of waged, the hours they spend working on restoring the computers are hours they are NOT spending on doing whatever their job normally is. So either that work backs up and doesn't get done, or someone else has to do it - probably working overtime.

    So either they have to pay people extra to fix the computers, or pay someone else to come in and fix the computers, or pay people to do the work of the people who are fixing the computers.

    You also have to realize that libraries are usually on a shoestring budget. Even big city libraries. They don't get nearly enough funding to hire IT experts. Their systems are cobbled together by volunteers and whoever on the staff knows the most about wifi. SHOULD they be able to hire those experts? Yes. But they often barely get enough funding to maintain their buildings and buy the occasional book. IT spending is way down on the list.

    I've worked in libraries. (Not these libraries.) The people I worked with were passionate about their work, and knew they were cutting corners, and wished they could afford to NOT cut them, but they didn't have a lot of choice.

    • (Score: 2) by looorg on Wednesday January 25 2017, @06:17PM

      by looorg (578) on Wednesday January 25 2017, @06:17PM (#458565)

      I would disagree. There is nothing else to do if all the computers, servers, systems or whatever are down. Getting them up again is the only task at hand. If you are paid to work with the computers then this is now your only or main task. If you are getting paid a monthly (or weekly or whatever) wage then you are already paid for, if you spend the time eating cookies and drinking coffee or reinstalling Windows machines it's the same in that regard - the cost did not increase or decrease. There is no extra cost involved unless you have to hire some outside expert(s) to deal with the issue, or I have to pay you overtime. But on their alleged shoestring budget there probably won't be anyone or anything extra. I'm not certain but I doubt the FBI sends a bill for their assistance, if they offered any.

      I don't doubt that the staff or the volunteers are doing their best and that they love working at a library. The things mentioned don't really have to cost much, if any, either. I did not go into it but the post after mine by Number6 (I want to know something ...) does lay it out better than I would have. All I can add to his/her post is that Deep Freeze is excellent when it comes to dealing with and running public machines.

  • (Score: 3, Disagree) by mcgrew on Wednesday January 25 2017, @02:33PM

    by mcgrew (701) <publish@mcgrewbooks.com> on Wednesday January 25 2017, @02:33PM (#458492) Homepage Journal

    I think you're completely misunderstanding information technologies. The library here in Springfield, IL has public computers that are connected to the internet, they offer free wi-fi in the library, and their card catalog [lincolnlibrary.info] is online, but you can't get into the computers that hold employee payroll data, library card information, fines, and other sensitive information.

    If you would have bothered to RTFS you'd have seen that a middle manager clicked on an email link. It had nothing to do with computers set out for patrons.

    --
    mcgrewbooks.com mcgrew.info nooze.org
    • (Score: 2) by Scruffy Beard 2 on Wednesday January 25 2017, @05:00PM

      by Scruffy Beard 2 (6030) on Wednesday January 25 2017, @05:00PM (#458529)

      If you would have bothered to RTFS you'd have seen that a middle manager clicked on an email link. It had nothing to do with computers set out for patrons.

      I see nothing in TFS(summary) to that effect. (maybe I need coffee)

      From TFA:

      Last year, the FBI cyber division assistant director James Trainor warned that attacks were becoming increasingly sophisticated. “These criminals have evolved over time and now bypass the need for an individual to click on a link,” he said. “They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.”

    • (Score: 2) by looorg on Wednesday January 25 2017, @06:06PM

      by looorg (578) on Wednesday January 25 2017, @06:06PM (#458559)

      I did read the fucking article, I even read it again and I still can't find what you mention.

      The system is believed to have been infected through a centralised computer server, and staff emails have also been frozen by the virus. The FBI has been called in to investigate.

      From the article and I mentioned that in one of the last sentences of my initial post.

      Victims are hacked by clicking on an innocuous looking attachment or website link within an email.

      Which was not related to the specific incident that the article was about but was a general comment at the end of the article detailing how ransomware infections usually happen. So which one of us is it that needs to learn to RTFS again? Not me.