by Bill Lucia, Washington State Standard
The Seattle Public Library’s website and computer systems remained down on Tuesday, with the library blaming a cyberattack it detected over the weekend.
Public computers, the library’s online catalog and loaning system, e-books, and in-building Wi-Fi were among the knocked-out services. The library said it learned of the attack early Saturday morning ahead of planned computer server maintenance.
It described the situation as a ransomware attack, where criminals use malicious software to block individuals or organizations from accessing their data, often rendering computer systems unusable. The attackers demand a ransom for the information to be unlocked, sometimes threatening to leak sensitive information if it isn’t paid.
“The Library quickly engaged third-party forensic specialists, contacted law enforcement, and took our systems fully offline to interrupt and better assess the nature and impacts of the event,” the library said in a statement posted on its Shelf Talk Blog.
No estimate for when services might be restored was given. And the library didn’t disclose the amount of ransom demanded or a motive.
“Until we can ensure the security of these systems, they will remain offline,” the statement said.
It added: “We are an organization that prides itself on providing you answers, and we are sorry that the information we can share is limited. At this time, securing and restoring our systems is where we are focused. We will update you in this space as we make progress on that work.”
A spokesperson for the agency couldn’t be reached by phone or email. The director of communications for Seattle Mayor Bruce Harrell’s office didn’t respond to a request for comment.
The library said it would keep its branches open and allow patrons to check out physical books and other items using paper forms. People with books and other materials already checked out were urged to hang onto them until the library’s computer systems are back online.
In a report published last fall, the nonprofit Center for Internet Security described ransomware as one of the most common and consequential cyber threats affecting states and localities.
Between 2020 and 2022, multi-state centers focused on cybersecurity at the state and local government level and for elections infrastructure recorded 500 of these incidents, affecting entities ranging from school districts to state agencies, the report said.
It also noted that ransomware demands often exceed six figures. Even when governments don’t pay the ransom, the breaches can be pricey. Dallas’ City Council last year approved nearly $8.6 million to pay vendors that aided in its response to a ransomware attack.
Washington State Standard is part of States Newsroom, a nonprofit news network supported by grants and a coalition of donors as a 501c(3) public charity. Washington State Standard maintains editorial independence. Contact Editor Bill Lucia for questions: [email protected]. Follow Washington State Standard on Facebook and Twitter.