Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.

Ransomware Attack Paralyses St Louis Libraries as Hackers Demand Bitcoins

posted by on Wednesday January 25 2017, @09:51AM   Printer-friendly
from the we-don't-negotiate-with-terrorists dept.

Fnord666 writes:

Apparently it's the library's turn to pay a fine.

Libraries in St Louis have been bought to a standstill after computers in all the city's libraries were infected with ransomware, a particularly virulent form of computer virus used to extort money from victims.

Hackers are demanding $35,000 (£28,000) to restore the system after the cyberattack, which affected 700 computers across the Missouri city's 16 public libraries. The hackers demanded the money in electronic currency bitcoin, but, as CNN reports, the authority has refused to pay for a code that would unlock the machines.

As a result, the library authority has said it will wipe its entire computer system and rebuild it from scratch, a solution that may take weeks.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Ransomware Attack Paralyses St Louis Libraries as Hackers Demand Bitcoins | Log In/Create an Account | Top | 33 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by nobu_the_bard on Wednesday January 25 2017, @03:49PM

    by nobu_the_bard (6373) on Wednesday January 25 2017, @03:49PM (#458508)

    Newer ransomwares attack backups if they can. They will search for shares on the network, even if the active user doesn't have an active link to the shared files. It will attempt to interfere with Shadow Copy and other services, if it can, as well. I've seen it in real time - backups vanishing one after another as they were gobbled up (in that case, it was just the Windows copies affected - as it happened, the machine in question was virtual and had regular images taken, stored on a physically isolated server, so it turned out to not be a big deal).

    I've also heard rumors of ones that sniff network traffic to try to deduce other things they can access, but haven't seen one of these myself yet.

    You need the backups to not be directly accessible from any of the machines they relate to backing up during work hours, where possible, to be sure they aren't endangered. If you really had a well done network you could do this with just permissions settings perhaps, but you really need to be on top of things. One errant administrator session and you're wrecked.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 3, Insightful) by Scruffy Beard 2 on Wednesday January 25 2017, @04:42PM

    by Scruffy Beard 2 (6030) on Wednesday January 25 2017, @04:42PM (#458522)

    If it is not off-line, off-site, and verified, it is not a back-up.

    • (Score: 0) by Anonymous Coward on Wednesday January 25 2017, @11:36PM

      by Anonymous Coward on Wednesday January 25 2017, @11:36PM (#458725)

      Should be in all-caps and bold as well.

      If your copy of your stuff can't survive a fire, flood, burglary, or hack, what you have is NOT a backup.

      That the articles about this event doesn't include the names of the IT personnel responsible for the difficult-to-restore software/data infrastructure is just wrong.
      This was fundamental incompetence.

      Those chumps should be fired (and should never have been hired in the first place) and their names should be in the zeitgeist to alert any potential employers.

      Those turkeys should have jobs that involve no more responsibility/skills than one that includes asking the question "Do you want fries with that?"

      -- OriginalOwner_ [soylentnews.org]