If you manage a library, you have most likely invested a significant amount of time and resources in the physical security of your building. But in an age where we conduct so much of our work on computers, we should be paying the same attention to securing our online networks as we do to our physical premises. Keep reading to learn about cybersecurity threats, the specific vulnerabilities affecting libraries, and how you can protect your organization from attacks.
A cybersecurity attack consists of an infiltration of a network by an outside actor, with the intention of stealing, encrypting, or exposing information stored in the network. The processes and motivations behind these attacks vary widely, but many take the form of some kind of malware.
Types of Cybersecurity Attack
Malware is a broad term, used to describe attacks that install foreign files or programs on the target system, which intend to disrupt in some way. One very common type of malware threat is a ransomware attack, which encrypts files on the target network. The hacker will then ask for money in exchange for the victim regaining access to their files.
Spyware is an alternate form of malware, which monitors activity on a network and harvests personal information from it. A botnet is another, which infects large numbers of Internet-connected machines, while Trojan malware performs illicit activities on the affected files.
Non-malware cyberattacks include formjacking, which can be used to get hold of banking information, and DDoS (distributed denial of service), which disrupts web traffic to the target site. It does this by flooding the server or network with an enormous amount of requests in order to cause it to crash.
Where Attacks Begin
Cyberattacks can only succeed by exploiting a vulnerability in the target network. They do this by finding a weak point in the network, software, or hardware used by the target organization, or they can enter through a malicious link. Links are usually sent by email to staff members in the organization, and clicking on them grants the hacker access to files in the network.
Key Risks for Libraries
Ransomware attacks are among the most common types of cybercrime. In this case, you may notice that some files or programs aren't working properly. You'll then be contacted by the hacker, who will promise you the encryption key to regain access to your files, in return for a sum of money. The effects of this can be pretty catastrophic if you don't have backups of your data, and businesses can and do close completely after suffering a ransomware attack. Because they store personal data, often pertaining to vulnerable people, libraries may be more likely to accede to hacker demands should they gain access to this information.
If you have banking information on file, for example from late return fines or fee-paying services, this may be targeted by hackers. They may attempt to steal from your patrons after gaining access to their banking details, using formjacking or another kind of attack.
If your library has public-access computers, these may pose an extra risk to your network. The large number of people using the computers raises the risk of somebody opening a malicious link and enabling an attack. If your public-access computers are part of the same hardware network as your staff machines, or even use the same Wi-Fi network, this can facilitate an attack on your staff systems.
Preventing an Attack
Your top priority should always be prevention. Consider what data you have, how sensitive it is, and therefore how important it is to secure it. Use this to create your "circles" of security, with the inner circle being the most sensitive and therefore most protected.
Many cyberattacks happen due to human error — that is, a member of your staff clicking a malicious link disguised as something else. Therefore, if you educate your staff, and any volunteers who have access to your network, on how to spot a potential threat, you'll significantly lower your risks.
Successful hacker emails often make use of social engineering to make their links appear benign. They may model emails based on a trusted sender, such as Google Docs, Microsoft, or another person in the organization. By doing this, they exploit users' trust of the sender they are impersonating and hope that they will unquestioningly click the link.
Train your staff on what a suspicious email looks like and on how to spot telltale signs. One useful trick is to check the sender's email address, ensuring that it matches who the sender says they are. Here at TechSoup, we use the KnowBe4 platform to ensure that all of our staff knows how to spot malicious emails in an effort to lower our risk of a cybersecurity breach.
Carefully consider how you store your data, sensitive information in particular. Back up all of your data using the 3-2-1 rule. Keep three copies of your data (one primary backup and two copies), saved on two different types of media, at least one of which should be offsite. This means that if you fall victim to a ransomware attack, you will be able to restore your data from backups and won't need to pay the hacker a ransom to get your files back.
You should also limit the user privileges of your staff. Ensure that only the people who need access to certain information can get it, so that you limit the risk of a hacker gaining access to your more sensitive information. You should also delete any files that you no longer need, such as personal information about past patrons.
If you have public-access computers, separate the network they're on from your staff network as much as possible. Ideally, they should be on a separate hardware network and a different Internet connection from your staff machines. This will prevent an attack from gaining access to valuable data through your public computers.
Get the Right Tools
Libraries are often low on funds, but cybersecurity is an important area to invest in. TechSoup partners with a range of organizations to get nonprofits great deals on cybersecurity tools. NortonLifeLock and Bitdefender offer antivirus protection, Avast protects against malware, and Veritas can help you to back up and recover your data effectively. You can find out more about the great security solutions offered on our website.
When Disaster Strikes
Even with good prevention tactics, unfortunately cybersecurity attacks do happen. Hopefully in this event you'll be prepared, but read on for a few things you can do to minimize the effects of the attack and get back on your feet.
First, contain the attack. Disconnect the affected computers from the Internet in order to limit hackers' access to your data. This may not be effective if an encryption file has already been installed on your machines, but it will stop any real-time monitoring or data theft. You can also put computers into hibernation mode, which will halt the encryption process. Do not, however, turn the computer off altogether. This can seem logical, but it may exacerbate the damage when the computer is turned back on and erase evidence that can help trace the source of the attack. Make sure you disconnect any backup devices too, so that those files don't get encrypted.
If you have backups, restore your data from those. You should also change all of your passwords in order to prevent further attacks. If it's a ransomware attack, do not pay the ransom if you can avoid it. Even if you meet the hacker's demands, there's no guarantee you'll get your data back. It's also common for organizations that pay a ransom to suffer repeat attacks, since they've already shown that they are willing to pay.
Once you've dealt with the immediate damage of the attack, get experts in to identify the source of the attack and reinforce those vulnerabilities.
Ransomware attacks and other cybersecurity threats are increasingly common, and they have only increased with the COVID-19 pandemic. Libraries are vulnerable to these attacks and need to protect themselves accordingly. Make sure to learn about the risks to your organization, back up your data regularly using the 3-2-1 rule, and invest in some quality tools to protect your data.
- Discover 6 Ways You Can Safeguard Patrons' Privacy at Your Library.
- Get the Latest on Disaster Preparedness.
- Learn how to deliver tech training to your library staff with this course from TechSoup Courses.
- Watch a webinar on Technology Solutions for Larger Library Systems.
Top photo: Shutterstock