<div dir="ltr"><div><div class="m_-3598979705854512550gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">
<table class="m_-3598979705854512550backgroundTable" bgcolor="#ffffff" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td align="left" valign="top">
<table cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="border-top:0px solid rgb(0,0,0);border-bottom:1px solid rgb(255,255,255);background-color:rgb(255,255,255);text-align:center" align="center"><span style="font-size:10px;color:rgb(96,96,96);line-height:200%;font-family:verdana;text-decoration:none">Email not displaying correctly? <a href="http://www.oplin.org/4cast/" style="font-size:10px;color:rgb(0,0,255);line-height:200%;font-family:verdana;text-decoration:none" target="_blank">View it in your browser.</a></span></td>
</tr>
<tr>
<td style="border-top:0px solid rgb(51,51,51);border-bottom:0px solid rgb(255,255,255);background-color:rgb(255,255,255)">
<center><a><img id="m_-3598979705854512550editableImg1" src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/4cast_email_header.png" title="OPLIN" alt="OPLIN 4Cast" align="middle" border="0"></a></center>
</td>
</tr>
</tbody>
</table>
<table style="width:763px;height:877px" bgcolor="#ffffff" cellpadding="20" cellspacing="0">
<tbody>
<tr>
<td style="font-size:12px;color:rgb(0,0,0);line-height:150%;font-family:'Gothic Sans',sans-serif" bgcolor="#ffffff" valign="top">
<p> <span style="font-size:20px;font-weight:bold;color:rgb(0,0,0);font-family:arial;line-height:110%">OPLIN 4Cast #588: Ransomware is a real threat to libraries</span><br>
<span style="font-size:11px;font-weight:normal;color:rgb(102,102,102);font-style:italic;font-family:arial">April 4th, 2018</span></p>
<p style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><img align="left" class="m_-3598979705854512550alignleft m_-3598979705854512550size-full m_-3598979705854512550wp-image-6101" src="https://4cast.oplin.org/wp-content/uploads/2018/04/Fotolia_169435581_XS.jpg" alt="red screen with Ransom Skull and Crossbones" width="130" height="94" style="padding-right:14px;padding-top:4px;padding-bottom:4px" title=""> Two separate news items about hacking intrusions have caused me to lose sleep this week. The attacks weren't against public libraries, but both are against organizations that are enough like public libraries to signal that it's increasingly likely that one of us will fall victim (as libraries in <a href="https://threatpost.com/st-louis-public-library-recovers-from-ransomware-attack/123297/" target="_blank">St. Louis</a> and <a href="https://www.scmagazine.com/spartanburg-sc-library-system-hit-with-ransomware-attack/article/740721/" target="_blank">Spartanburg</a> already have). These stories are a wake-up call. We all know that we need strong passwords, and to keep current on system and program updates, especially security patches; those are first lines of defense against ransomware attacks. But we also need to train ourselves and our clients not to fall victim to increasingly targeted and sophisticated phishing attacks--attacks against our patrons that appear to come <em>from libraries</em>.</p><ul>
<li style="list-style-type:none">
</li><li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://www.technologyreview.com/the-download/610617/iranian-hackers-broke-into-accounts-of-8000-us-professors/" target="_blank">Iranian hackers broke into systems used by 8,000 American professors</a> [MIT Technology Review| Jamie Condliffe] "The hackers broke into systems at 320 universities in 22 countries, including 114 American universities. They stole research that 'cost the universities approximately $3.4 billion to procure and maintain.'"</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://info.phishlabs.com/blog/silent-librarian-more-to-the-story-of-the-iranian-mabna-institute-indictment" target="_blank">Silent Librarian: More to the Story of the Iranian Mabna Institute Indictment</a> [PhishLabs | Crane Hassold] "While the indictment details the finely-crafted spear phishing campaigns targeting university professors, the attacks tracked by PhishLabs also involved the general targeting of university students and faculty to collect credentials for the victims' university library accounts."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://www.wired.com/story/atlanta-ransomware-samsam-will-strike-again/" target="_blank">The Ransomware that Hobbled Atlanta Will Strike Again</a> [Wired | Lily Hay Newman] "If all the other high-profile ransomware attacks that have occurred over the last few years haven't been enough to scare institutions and municipalities into action, maybe the Atlanta meltdown finally will."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://www.entrepreneur.com/article/311312" target="_blank">4 Lessons Your Organization Can Take From Atlanta's Ransomware Attack</a> [Entrepreneur | Samuel Edwards] "At this point in 2018, it’s inexcusable for any organization – regardless of whether it’s an entire city government or a small business – not to have a robust cyber security strategy in place. Instead of just looking on and shaking your head at the situation brewing in Atlanta, make sure you’re taking this as a valuable opportunity to learn."</li>
</ul>
<div style="text-align:left"> </div>
<p style="text-align:left;font-size:20px;font-family:arial;line-height:110%"><small><strong><em>From the <a href="http://ohioweblibrary.org" target="_blank">Ohio Web Library</a>:</em></strong></small><br>
</p>
<div style="text-align:justify;font-size:16px;font-family:arial;line-height:110%">
<ul> <li>SentinelOne. "<a href="http://proxy.oplin.org:2054/login.aspx?direct=true&db=cmh&AN=bizwire.c83818252" target="_blank">Survey: 53 Percent of Organizations Blame Legacy Antivirus Protection for Failed Ransomware Prevention</a>." <i>Business Wire (English)</i>, 3.</li> <li>Goel, Sanjay, et al. "<a href="http://proxy.oplin.org:2054/login.aspx?direct=true&db=cph&AN=121069132&site=ehost-live" target="_blank">Got Phished? Internet Security and Human Vulnerability</a>." <i>Journal of the Association for Information Systems</i>, vol. 18, no. 1, Jan. 2017, pp. 22-44.</li> <li>Rash, Wayne. "<a href="http://proxy.oplin.org:2054/login.aspx?direct=true&db=sch&AN=126926621&site=scirc-live" target="_blank">New Survey Finds 10 Percent Failure Rate in Email Security Systems</a>." <i>Eweek</i>, 20 Dec. 2017, p. 1.</li>
</ul>
</div>
<div style="text-align:left"> </div>
</td>
</tr>
<tr>
<td valign="top" width="760"><span style="font-size:10px;color:rgb(96,96,96);line-height:100%;font-family:verdana"> <hr>
<div style="text-align:justify">The <strong><em>OPLIN 4cast</em></strong> is a weekly compilation of recent headlines, topics, and trends that could impact public libraries. You can subscribe to it in a variety of ways, such as: <br>
</div>
<div style="text-align:left"> </div>
<ul>
<li style="text-align:justify"><strong>RSS feed.</strong> You can receive the OPLIN 4cast via RSS feed by subscribing to the following URL: <a href="http://www.oplin.org/4cast/index.php/?feed=rss2" target="_blank">http://www.oplin.org/4cast/<wbr>index.php/?feed=rss2</a>.</li>
<li style="text-align:justify"><strong>Live Bookmark.</strong> If you're using the Firefox web browser, you can go to the 4cast website (<a href="http://www.oplin.org/4cast/" target="_blank">http://www.oplin.org/4cast/</a>) and click on the orange "radio wave" icon on the right side of the address bar. In Internet Explorer 7, click on the same icon to view or subscribe to the 4cast RSS feed.</li>
<li style="text-align:justify"><strong>E-mail.</strong> You can have the OPLIN 4cast delivered via e-mail (a'la OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at <a href="http://lists.oplin.org/mailman/listinfo/OPLIN4cast" target="_blank">http://lists.oplin.org/<wbr>mailman/listinfo/OPLIN4cast</a>.</li>
</ul> </span> </td>
</tr>
<tr>
<td style="text-align:center;font-family:'Century Gothic',sans-serif;border-top:0px solid rgb(255,255,255);background-color:#2c4587;color:#fff" valign="top" width="760">© 2018 Ohio Public Library Information Network<br> <a href="http://www.slideshare.net/oplin" title="Find us on Slideshare" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/slideshare3.png" alt="Find us on Slideshare"></a> <a href="http://www.facebook.com/oplin.org" title="Find us on Facebook" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/facebook_0.png" alt="Find us on Facebook"></a> <a href="https://plus.google.com/107751358238995507967" title="Find us on Google+" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/google+.png" alt="Find us on Google+"></a> <a href="http://www.twitter.com/oplin" title="Find us on Twitter" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/twitter_0.png" alt="Find us on Twitter"></a> </td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div></div></div></div></div></div></div>
</div>