Ransomware attack suspected in Calgary Public Library cybersecurity incident

The Calgary Public Library says its teams have confirmedlast week's cybersecurityincidentwas the result of an attemptedransomware attack.

"As of today we can confirm our cybersecurity team suspects that this was an attempted ransomware attack that our monitoring systems blocked," it said in a statement Friday.

"As part of our containment protocols, we proactively shut down all servers and systems. The Library has not been in communication with any threat agents."

On Oct. 11, acyberattack forced the closure of all 22 of its physical public library locations across the city.

Those locations did not reopen until Wednesday of this week, but are still providing modified servicesas the organizationcontinues to experiencedisruptions because of what the library calleda "detected cybersecurity breach."

Patrons currently have access to library spaces and services that do not require technology.

'Libraries are a rich target'

Ritesh Kotak isa Toronto-based cybersecurity and technology analyst who has been following the news out ofCalgary. Kotak saysthere's no typical timeline for how long it could take to safely restore all operations.

"It comes down to the complexity and just the volume of systems that are involved. It just takes a while if you want to be thorough," he told CBC News on Friday.

He saidsecuring the system isn't a simple set of procedures and every systemis different.

"It seems that the Calgary Public Library had the right protocols in place and they did everything right."

As for what information was accessed, the Calgary Public Librarysaid it is still investigating the incident and workingto determine if any employee or membership data was impacted.

Kotak saida ransomware attack is usually when a system becomesinfected with a malicious software, most commonlyresulting from suspicious email links, and the goalis typically to extort the victim into paying a large sum of money to hackers in order to retrieve the data they lost.

"Libraries are a rich target, and the reason that they're rich target is because they hold a lot of data," said Kotak.

"When you start getting people's names, addresses, phone numbers, email addresses, potential payment information, you're able to take that data and that has monetary value to hackers and fraudsters."

He saidthis data can then be used for crimes like identity theft or other ways hackers wish to exploit data for monetary gain.

"Think about all the times we hear about hacks and breaches," he said.

"If you take the information from the from the public library, andthen you mirror that with information taken from other hacks and you correlate that information, it paints a pretty intrusive picture about an individual."

The library says it willkeep the publicupdated as more information becomes available, includingreporting any impacts to privacy.