Ransomware attack behind Toronto Public Library service interruption, library says - Action News
Home WebMail Friday, November 22, 2024, 08:30 PM | Calgary | -11.3°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Toronto

Ransomware attack behind Toronto Public Library service interruption, library says

Many Toronto Public Library services have been disrupted since a cybersecurity attack hit the institution on Oct. 28. Now, the library says it's been the victim of a ransomware attack.

Website and other services have been down since Oct. 28, and likely wont be fully restored for another week

A row of desktop computers in an empty library are roped off by yellow tape.
Computers are seen blocked off with tape at a Toronto Public Library branch this week. The library says access to computers and printers, along with other services, will likely continue to be inaccessible for another week. (Haydn Watters/CBC)

A ransomware attack is behind a more than week-long service interruption at Toronto Public Library, the library says.

TPL confirmed the nature of the attack in a statement Tuesday morning, saying it has "engaged with" third-party cybersecurity experts and law enforcement to help resolve the situation.

"TPL has proactively prepared for cybersecurity issues and promptly initiated measures to mitigate potential impacts," the statement reads.

A number of serviceshave been unavailable since the attack on Oct. 28and likely won't be back fully for another week, according to Tuesday's statement. They include the library web page, online user accounts, map passes and digital collections, as well as printing and computer services.

Telephone lines and wi-fi are still operational at all library branches, which are open as scheduled, the TPL statement says.

TPL spokesperson Ana-Maria Critchleytold CBC News there's still no evidence that any personal information related to customers or staff has been compromised.

Service disruptions affecting users

While the attack is being investigated, some library users say the service interruption is an inconveniene.

Sharon Elaine, an artist in Cabbagetown, says she uses the computers at her local branch to write and work on projects.

The Toronto Public Library has a variety of programs and services to help Torontonians navigate through the challenges of a changing workforce and economy.
The library says there's still no evidence that any personal information related to customers or staff has been compromised. (Michael Wilson/CBC)

"I have to get projects practiced and done," she told CBC. "I have to do [them] by pen and paper."

Kyle Simmons says he goes to the branch near College and Spadina regularly to take out books and movies. He says that's been a little less efficient this week, but he's more frustrated with the loss of digital borrowing, saying he streams and borrows books digitally all the time.

However, he says these amount to small annoyances, and he's not worried that TPL has blamed the interruption on a ransomware attack.

"I don't know what sensitive information they could get other than I guess my name and address and the weird books I read," he said. "I'm not overly concerned."

Toronto's mayor had a similar reaction when asked Tuesday about the attack.

Mayor Olivia Chow said the city will look into the attack and that she hopes computer and printing services return quickly for those who rely on them. She added that she doubts whether any personal sensitive information could have been stolen.

"I don't think we collect important information. We don't ask people for money in libraries."

Why target a library?

One expert says it's not surprising a library might be targeted as cyberattacks are become more common for public institutions in general.

Charles Finlay, executive Director of the Roger CyberSecure catalyst at Toronto Metropolitan University, says ransomware attacks often involve leveraging illegally collected sensitive information for money. Arecent attack on five Ontario hospitals has led to health information being published publicly on the dark web, for instance. Butthat's not the only goal, he says.

A person types on a keyboard.
TPL has not commented on who might be behind the attack, what they want, or how the library plans to address it. (Jonathan Hayward/The Canadian Press)

Sometimes, attackers simply ransom control of an institution's digital infrastructure, Finlay says. Without knowing the full scope of the situation, he says he believes that's likely the case here.

"In Canada and around the world right now, it is a multi-billion dollar criminal industry that is highly resourced, it's highly innovative, and is, unfortunately, highly profitable for the ransomware gangs that launch these attacks."

Finlay says the TPL was right to be transparent with the public about the attackand to have had a plan in place for such an event.

"It is not a question of if an institution like the public library or other public sector institutions are going to be attacked, it's a question of when," he said. "So every institution needs to have a plan in place."

Finlay says law enforcement often advises institutionsagainst paying these ransoms to avoid encouraging future attacks, but that can be a difficult decision when accessto critical digital infrastructure and personal data is at stake. Ultimately it's up to the individual institution, he says.

TPL has not commented on who might be behind the attack, what they want, or how the library plans to address it.

Corrections

  • This article previously stated the cyberattack happened on Oct. 27. In fact, the incident started on Oct. 28.
    Nov 24, 2023 5:01 AM ET

With files from Tyler Cheese and Haydn Watters