[OPLIN 4cast] OPLIN 4Cast #588: Ransomware is a real threat to libraries

OPLIN Support support at oplin.ohio.gov
Wed Apr 4 10:30:01 EDT 2018 

Email not displaying correctly? View it in your browser.
<http://www.oplin.org/4cast/>
[image: OPLIN 4Cast]

OPLIN 4Cast #588: Ransomware is a real threat to libraries
April 4th, 2018

[image: red screen with Ransom Skull and Crossbones] Two separate news
items about hacking intrusions have caused me to lose sleep this week. The
attacks weren't against public libraries, but both are against
organizations that are enough like public libraries to signal that it's
increasingly likely that one of us will fall victim (as libraries in St.
Louis
<https://threatpost.com/st-louis-public-library-recovers-from-ransomware-attack/123297/>
and Spartanburg
<https://www.scmagazine.com/spartanburg-sc-library-system-hit-with-ransomware-attack/article/740721/>
already have). These stories are a wake-up call. We all know that we need
strong passwords, and to keep current on system and program updates,
especially security patches; those are first lines of defense against
ransomware attacks. But we also need to train ourselves and our clients not
to fall victim to increasingly targeted and sophisticated phishing
attacks--attacks against our patrons that appear to come *from libraries*.

   -
   - Iranian hackers broke into systems used by 8,000 American professors
   <https://www.technologyreview.com/the-download/610617/iranian-hackers-broke-into-accounts-of-8000-us-professors/>
[MIT
   Technology Review| Jamie Condliffe] "The hackers broke into systems at 320
   universities in 22 countries, including 114 American universities. They
   stole research that 'cost the universities approximately $3.4 billion to
   procure and maintain.'"
   - Silent Librarian: More to the Story of the Iranian Mabna Institute
   Indictment
   <https://info.phishlabs.com/blog/silent-librarian-more-to-the-story-of-the-iranian-mabna-institute-indictment>
   [PhishLabs | Crane Hassold] "While the indictment details the
   finely-crafted spear phishing campaigns targeting university professors,
   the attacks tracked by PhishLabs also involved the general targeting of
   university students and faculty to collect credentials for the victims'
   university library accounts."
   - The Ransomware that Hobbled Atlanta Will Strike Again
   <https://www.wired.com/story/atlanta-ransomware-samsam-will-strike-again/>
   [Wired | Lily Hay Newman] "If all the other high-profile ransomware attacks
   that have occurred over the last few years haven't been enough to scare
   institutions and municipalities into action, maybe the Atlanta meltdown
   finally will."
   - 4 Lessons Your Organization Can Take From Atlanta's Ransomware Attack
   <https://www.entrepreneur.com/article/311312> [Entrepreneur | Samuel
   Edwards] "At this point in 2018, it’s inexcusable for any organization –
   regardless of whether it’s an entire city government or a small business –
   not to have a robust cyber security strategy in place. Instead of just
   looking on and shaking your head at the situation brewing in Atlanta, make
   sure you’re taking this as a valuable opportunity to learn."

*From the Ohio Web Library <http://ohioweblibrary.org>:*

   - SentinelOne. "Survey: 53 Percent of Organizations Blame Legacy
   Antivirus Protection for Failed Ransomware Prevention
   <http://proxy.oplin.org:2054/login.aspx?direct=true&db=cmh&AN=bizwire.c83818252>
   ." *Business Wire (English)*, 3.
   - Goel, Sanjay, et al. "Got Phished? Internet Security and Human
   Vulnerability
   <http://proxy.oplin.org:2054/login.aspx?direct=true&db=cph&AN=121069132&site=ehost-live>
   ." *Journal of the Association for Information Systems*, vol. 18, no. 1,
   Jan. 2017, pp. 22-44.
   - Rash, Wayne. "New Survey Finds 10 Percent Failure Rate in Email
   Security Systems
   <http://proxy.oplin.org:2054/login.aspx?direct=true&db=sch&AN=126926621&site=scirc-live>
   ." *Eweek*, 20 Dec. 2017, p. 1.

------------------------------
The *OPLIN 4cast* is a weekly compilation of recent headlines, topics, and
trends that could impact public libraries. You can subscribe to it in a
variety of ways, such as:

   - *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
   subscribing to the following URL: http://www.oplin.org/4cast/
   index.php/?feed=rss2.
   - *Live Bookmark.* If you're using the Firefox web browser, you can go
   to the 4cast website (http://www.oplin.org/4cast/) and click on the
   orange "radio wave" icon on the right side of the address bar. In Internet
   Explorer 7, click on the same icon to view or subscribe to the 4cast RSS
   feed.
   - *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
   OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
   http://lists.oplin.org/mailman/listinfo/OPLIN4cast
   <http://lists.oplin.org/mailman/listinfo/OPLIN4cast>.

© 2018 Ohio Public Library Information Network
[image: Find us on Slideshare] <http://www.slideshare.net/oplin>  [image:
Find us on Facebook] <http://www.facebook.com/oplin.org>  [image: Find us
on Google+] <https://plus.google.com/107751358238995507967>  [image: Find
us on Twitter] <http://www.twitter.com/oplin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20180404/3507b0c7/attachment.html>

More information about the OPLIN4cast mailing list