16 branches of the St. Louis library paralyzed cryptographer

Central Library of St. Louis

Western commercial companies and government agencies continue to suffer from cryptographer programs. In 2016, a multiple increase in the popularity of such programs among representatives of the criminal world was recorded. Modern transnational racket is much safer, cleaner and more profitable than a similar business of the 90s in Russia.

It is much more profitable for attackers to infect the computers of commercial companies, because they can get larger amounts of ransom. But sometimes non-profit organizations and individuals become victims of infections (by chance?). They do not envy.
')
An unpleasant story the other day happened to the St. Louis Library , which was faced with ransomware infection. As a result, the residents of St. Louis could neither take nor return the books in any of the 16 city branches of the library.

The incident occurred on Thursday, January 19, 2017. On this day, at the same time, the malware hit an extensive library of library computers, which in 700 city offices has 700 pieces. They work under Windows - the target cryptographic platform.

Technical experts spent all their workday and evening to solve the problem, and by Friday they were able to regain control of the central server. The customer service function with receipt of invoices was performed by a third-party vendor, and this working module could not be restored by Friday, so readers still did not have the opportunity to use the library collection.

The library refused to transfer the ransom to the address specified in the cryptographer. An amount equivalent to $ 35,000 was required. Instead, the library reported the incident to the FBI and tried to handle it on its own.

Library management says that computer systems will be completely reinstalled from scratch, and it may take several weeks for the library to become fully functional. Now cleaning and turning on of computers happens gradually. As of January 24, 14:20 Moscow time, the full working capacity of all computers has not been restored.

16 city offices continued to receive visitors. People can watch books on the shelves, read them in the reading room, and also use WiFi from their own laptops and smartphones, but don’t take books for a subscription. The digital library collection also remained open, since e-books and music were downloaded from third-party vendors' servers.

Library Director Waller McGuire apologized to all visitors. On a typical day, thousands of readers come to the library to find information in a collection of 4 million books, magazines and videos, do homework, or use a computer with the Internet. Most visitors came to the library just for the sake of the Internet - for these people the library is often the only place where you can work on the web. Now people have lost such an opportunity. “Some have smartphones, but there is no data transfer rate. They come and use WiFi, ”library employee Jen Hatton described the main audience. For the poorest citizens - children from poor families from poor neighborhoods - this is the only way to get online.

“The readers of the library are the real victims of this criminal attack,” said the director. “The library staff worked hard to open the safe but widely available digital world to the citizens of St. Louis, and I apologize for stopping this. The attempt by [criminals] to take away information and access to the world in exchange for a ransom demand is deeply frightening and offensive to any public library, and we will make efforts to keep access to the world for our readers. ”

Successful recovery of computers without paying a ransom is a relatively rare situation in the United States. According to statistics , 70% of American companies after infection with cryptographer prefer to pay a ransom. Simple business costs too much. The IBM survey included representatives of 600 companies with different numbers of employees, both small businesses and representatives of large companies. It turned out that 46% of surveyed firms have already encountered cryptographers, and 70% of them actually paid the ransom. Many pay large sums. Information security specialists have come across options for malware that are specifically aimed at legal entities that require payments of four- and five-digit amounts , and in some cases even millions of dollars . There are cases where victims actually paid large sums. According to statistics, 20% of American companies that became victims of cryptographers, paid more than $ 40 thousand, 25% paid from $ 20 thousand to 40 thousand, 11% paid from $ 10 thousand to 20 thousand

An IBM study revealed that the majority of potential victims of the attack still have no idea what cryptographers are. Only 31% of users have heard something about cryptographers. Unawareness of the threat to the attackers.

Unlike commercial companies, non-governmental organizations such as libraries can afford several days or weeks of partial downtime. Therefore, they do not make much sense to pay the ransom. You can try to restore information from the backup storage.

According to the FBI , over the three months of 2016, American companies paid more than $ 209 million to the extortionists.

Generally speaking, only the most dishonest criminals could have deliberately attacked the public library, and not some rich Fortune 500 company. Perhaps the St. Louis library suffered by mistake.