Ransomware Infects All St Louis Public Library Computers

An anonymous reader quotes a report from The Guardian: Libraries in St Louis have been bought to a standstill after computers in all the city's libraries were infected with ransomware, a particularly virulent form of computer virus used to extort money from victims. Hackers are demanding $35,000 (£28,000) to restore the system after the cyberattack, which affected 700 computers across the Missouri city's 16 public libraries. The hackers demanded the money in electronic currency bitcoin, but, as CNN reports, the authority has refused to pay for a code that would unlock the machines. As a result, the library authority has said it will wipe its entire computer system and rebuild it from scratch, a solution that may take weeks. On Friday, St Louis public library announced it had managed to regain control of its servers, with tech staff continuing to work to restore borrowing services. The 16 libraries have all remained open, but computers continue to be off limits to the public. Spokeswoman Jen Hatton told CNN that the attack had hit the city's schoolchildren and its poor worst, as many do not have access to the internet at home. "For many [...] we're their only access to the internet," she said. "Some of them have a smartphone, but they don't have a data plan. They come in and use the wifi." As well as causing the loans system to seize up, preventing borrowers from checking out or returning books, the attack froze all computers, leaving no one able to access the four million items that should be available through the service. The system is believed to have been infected through a centralized computer server, and staff emails have also been frozen by the virus. The FBI has been called in to investigate.

I'm Angry

[DaMattster]

It takes a special kind of asshole to attack a library; a place where people go to learn and access the internet. Why go after one of the poorest resources and attack those that have the least to give? Go after the fucking fortune 500 companies but not a fucking library. One only hopes that anonymous could turn the tables on these slimy thieves.

Re:Surely an inadvertent target

[techno-vampire]

I'll go one further: have it run off of a Live USB that's mounted inside the box where the users can't get at it and no persistent storage. That way, even they leave personal data behind, it goes away at reboot. Not only that, but if you set it up in kiosk mode, with Firefox opening at boot, they'll never even know they're using Linux.

Re: Why do people keep using Windows?

[tepples]

For one thing, even without administrative access to a computer, ransomware with full access to an employee's user account can do a lot of damage. For another, administrative access might be the result of a cost-benefit analysis that concluded that avoiding the cost of paying employees to sit and produce no value for the company while waiting for the IT department to complete a review of each application or device driver that each employee requires to do his or her job outweighs the risk of being the next ransomware victim.