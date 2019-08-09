After more than three months of upgrades and problem-solving, the Daviess County Public Library's onsite patron services are fully operational.
On April 28, the library was hit with a form of ransomware called Cryptoblocker. Its files were encrypted and held for ransom to the tune of six bitcoins, or $30,947, which the library did not pay. Since then, the library's IT staff has been working alongside vendors as well as outside consultants and have managed to get back on track, said Library Director Erin Waller.
"Internally, the staff machines have been cleaned and wiped and everyone has domain access now with their own personal logins," she said. "Employees are no longer using WiFi and are back on our network. Patrons can do self-check and everything is checking in and out online again and the in-house catalog is all up to date."
As it stands, the only patron-related service that is not back up and running is that people are not able to access their information from home, but that service will be back online in a matter of days, she said.
"If someone wants to call and ask about their account, we can give them their information," she said. "The company that pulls that information from Polaris, BiblioCommons, is in the process of setting their service back up so patrons can access their information from home. There are some odds and ends and a couple of links that need to be put back on the network as well as server work that Brian (IT Manager Brian Lashbrook) wants to do to make it more accessible and safer. As far as what people see on the outside and in terms of patron use, things will be back to normal."
While the end of the library's ransomware woes seem to be on the horizon, Lashbrook, along with his team that includes IT Assistant Wesley Johnson and Information Services Manager Alicia Harrington, has taken every step to ensure that their practices and their systems have evolved after the attack, Lashbrook said.
"What has slowed progress is restructuring the network so it is more secure in doing that I have had to address little issues that have popped up," he said. "For instance, I moved the staff to a new virtual network to isolate anything that could still be a danger on its own network so they can't communicate. Everything that has been redone is isolated. In doing that, any time you put stronger and stricter security in place, you have to go back and address the kinks with anything new and address them individually."
A major aspect of that strategy has been reacclimating vendors to the new security and technology practices, like BiblioCommons, he said.
"One of those is getting tech-support for BiblioCommons into our server," he said. "That is a side effect with the new network. There is a learning curve and little bit of going back to fill in the gaps, specifically on how our vendors need now access our network. They no longer have unlimited access, they only have what they specifically need as we are doing across the board. We are restricting everything only to what it absolutely needs. It has been a lot of trial and error, especially in finding the balance between security and usability. I feel like account logins should be back to normal by the end of this week. Right now, it is working out the bugs with vendors and software upgrades to bring everything up to our new standard."
Jacob Mulliken, 270-228-2837, jmulliken@messenger-inquirer.com.
(0) comments
Welcome to the discussion.
Log In
Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
PLEASE TURN OFF YOUR CAPS LOCK.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.