Key Takeaways:
– The Seattle Public Library (SPL) has fully recovered from a ransomware attack that affected its operations for three months.
– In response, SPL has implemented new cybersecurity measures to prevent future breaches, including system migrations and improved password security.
– Cybersecurity experts commend SPL for these steps, though highlight the importance of continuous updates and testing of recovery plans.
Main Article:
After a three-month period of disruption caused by a ransomware attack, the Seattle Public Library (SPL) has announced that all tech-enabled systems and services are now fully operational. Cybersecurity experts have applauded the institution for the measures it has taken to brace against potential future attacks.
Memorial Day Cyberattack: Impact and Recovery
The cybersecurity breach happened on Memorial Day weekend, affecting several key services such as staff and public computers, online catalog and loaning systems, e-books and e-audiobooks, in-building Wi-Fi, and the library’s website.
Throughout the recovery period, the SPL provided regular updates, detailing the restoration of services and the remaining work. Insights from cybersecurity experts were sought about the reason behind the library being targeted and preventive measures.
The library stated on Tuesday that an assessment of its response to the attack is underway. A public report will be released later this year.
Measures Taken Post AttackLaura Gentry, head of communications for SPL, shared with GeekWire some measures the library has taken to prevent future attacks. These include an expedited migration to SharePoint Online and the implementation of multi-factor authentication on staff systems.
Ms. Gentry adds that SPL also expanded its use of cloud-based Microsoft tools for file management and communication needs. The IT staff retired some legacy on-premises services and capitalized on cloud-based infrastructure capabilities to rebuild stronger.
As part of their corrective measures, the library re-imaged approximately 1,000 computers, forced systemwide password updates, and enhanced password requirements.
Cybersecurity Experts’ Reactions and Recommendations
CEO of Seattle-based cybersecurity startup Oleria, Jim Alkove praised the library for its quickly implemented multi-factor authentication and migration to cloud-based services. Key aspects of ransomware prevention, such as patching, were also highlighted.
Alkove noted the importance of user access control to prevent the risks associated with over-provisioning. He insists that organizations must continuously update and test their recovery plans to ensure they can respond quickly and effectively to any future attack.
Sunil Gottumukkala, co-founder and CEO of Seattle-based cybersecurity startup Averlon, adds his voice to those praising the library’s move to MFA. He also underscores the need for a periodic ‘recover and rebuild’ plan, a fundamental aspect he feels SPL had not mentioned yet.
Final Words
The incident at Seattle Public Library demonstrates the ever-present threat of cyber-attacks on institutions and businesses. It underlines the necessity for robust cybersecurity measures, continuous monitoring, and the need for contingency plans for swift recovery. With SPL’s commitment to reinforcing their security systems and protocols, they serve as a reminder for other organizations to be prepared and vigilant against potential cyber threats.
 has announced that all tech-enabled systems and services are now fully operational.){kind=link}