'Not business as usual': Calgary Public Library still in early stages of cyberattack probe

The Calgary Public Library (CPL) is still assessing the damage that was done to its systems after a cyberattack forced the closure of all 22 of its physical locations last week.

Speaking on The Homestretch on Tuesday,Mary Kapusta,director ofcommunications andengagement at CPL, said as the library investigates the hack, its locations will reopen with modified service Wednesday.

"We're making some steps towards reopening as securely as we can and providing as much service as we can, but it's still not business as usual,"Kapustasaid.

CPL is still in the early stages of its investigation to find out what happened and determine the scale of the impact that the cyberattack had on its systems.

"We don't have any details to share. As we learn, we certainly will be reporting back to the public and our staff. But for right now, the investigation is ongoing," she said.

Kapusta added libraries across North America are being targeted by hackers, and the CPL is encouragedthat itscybersecurity monitoring team was able to detect the breach when it happened.

In 2023, a cyberattack on the Toronto Public Libraryparalyzed itscomputer systems for months. Kapusta said Toronto has been an incredible resource in helping to decidewhatsteps the CPL shouldtake next as it deals with the hacking fallout.

"With Toronto sharing their lessons for instance, what can you do without technology? Understanding your infrastructure, understanding your staff training component. Those are all things that we learned and started applying, certainly, in the ripples of their incident," Kapusta said.

She also said the CPL is working alongside theCity of Calgary's technology teams as well as other security consultants to address the breach.

"We have brought in additional resources to help us quickly identify what's going on and, of course, make sure that we're working and providing the right information and access to our partners, like the city," Kapusta said.

"We are still trying to identify everything that went down and to see what steps we have to take going forward. And we will be reporting that as soon as we can. Right now, we don't have that information."

Kapusta said the library will not bring its systems back online until it is surethings are secure.

She encouraged library users to visit the CPL website to better understand what can and can't be done at its locations when they reopenWednesday.

Cybersecurity expert Tom Keenan,a professor inthe school of architecture, planning and landscapeat the University of Calgary,, told theCalgary Eyeopeneron Tuesday it wasn'ta question of ifCPL would be targeted by a cyberattack, but when.

"That's true for just about everybody. The University of Calgary had a ransomware attack a few years ago,' Keenan said. "No matter how good your cybersecurity is, there are bad guys trying to get ya."

Keenan said it's possible Calgary could go through something similar to what Toronto went through, depending on the type of hack.

There are two majortypes of cyberattacks, according to Keenan.

The goal of one, called a ransomware attack, is typically to extort thevictiminto paying alarge sum of money to retrieve the datathey lost.

In the other type, criminalswill steal data with the intention of using it for malicious reasons, such as identity theft or fraud.

Keenan said an effective way of protecting yourself from ransomware is to have several backup copies of your data, stored in different locations. He also said to beware of scammers who may target library users using personal information that was possibly stolen in the hack.

It's also a good idea to changeyour password to something completely newto prevent being targeted by hackers, Keenan said.