Ransomware attacks shut down Seattle 27 public libraries

The entire Seattle Public Library system is still spinning after a Memorial Day weekend ransomware attack disrupted access to technology services across the city’s 27 separate branches. The latest update on Wednesday announced that the library system will “stay offline” until the research and healing are done and that there is no estimated timeline for repair.

“We are an association that flatters itself on delivering you replies, and we are unfortunate that the data we can transfer is restricted,” the Library said.

Library officials say access to its online catalog and loaning system, e-books, e-audiobooks, public computers, Wi-Fi, and printing are just some of the network services affected by the early morning May 25th attack. The library's website – where updates on the attack are being published for locals – was also hit offline, but has since been fixed with the benefit of external protection professionals. According to a post about the attack on X, the Library, with the use of third-party forensics, disjoined the systems to try and separate the damage and “better evaluate the character and results of the occasion.”

Seattle is a significant US city found on the northwest edge of Washington state, with a population of more than 750,000. Ironically just one day before, the library had declared a scheduled weekend outage due to system supervision from Saturday through Monday nights.

The online updates would have impacted Library accounts, pick-up safes, and online catalogs, but now IT attendants are being charged with fixing “full functionality” to all library systems.

Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ, noted that directly observing the attack, the Library was pushed to accept “all systems offline and retreat to manual lending for textbooks and CDs.” “As these organizations resume to be marked for danger actors, they must prioritize a prescient cybersecurity policy, considering any vulnerabilities in their systems,” stated Costis.

Ransom gangs have consistently targeted the education sector

Costis is referring to a new government program offered last fall by the US Cybersecurity and Infrastructure Security Agency (CISA) aimed at supporting schools and library systems across the nation to beef up protection measurements due to the ripple of current attacks. “The scale of cyberpunks on libraries and schools encouraged the FCC to offer a “Schools and Libraries Cybersecurity Pilot Program” in November that would permit administrators to gather data to help protect these organizations,” Costis stated.

The program’s major purpose is to provide digital equity in connectivity across schools and libraries, so everyone, every place has access to high-speed Internet services, the Federal Communications Commission (FCC) release states. FCC Chairwoman Jessica Rosenworcel asserts that “cyberattacks can damage the connectivity that schools and libraries count on day-in and day-out,” and have resulted in “everything from network malfunctions to scholar privacy vulnerabilities to unexpected costs to get their systems back online.”

The agency is expected to vote on embracing the three-year, $200 million pilot program sometime next month. “This proposal highlights the need for improved cybersecurity standards for these organizations, which has been reaffirmed by the most current attack on the Seattle Public Library,” Costis displayed.

Likewise, between 2018 and mid-2023, ransomware attacks affected the records of 6.7 million students across the world, while costing regional economies over $53 billion in downtime. A type of ransomware party became known for their attacks on schools, most recently was LockBit, Royal (BlackSuit), Medusa, and Rhysida in 2023, and Vice Society reigning in 2022. Before that, Comparitech records Ryuk and Pysa as the most prolific.

As for the Seattle Public Library, it’s not apparent at this moment if any susceptible data was robbed in the attack, but library officials state that the “privacy and protection of customer and worker details are top preferences.” Officials also stated that all 27 branch buildings are still available for general use, but bring your library card as staff will utilize paper documents to match out physical textbooks, CDs, and DVDs, and deliver other limited services. As of this report, no ransomware company has declared accountability for the attack.