The Sword and Laser discussion

My library has fallen victim to ransomware


message 1: by Jessica (last edited Jul 27, 2019 10:05AM) (new)

Jessica (j-boo) | 323 comments For the past several weeks I have been unable to access any of my library's online services. I don't know the due dates of any of the books I currently have out, and books that have hold requests are in limbo - including this month's S&L pick, Vessel.

And this is why


message 2: by Jake (new)

Jake | 3 comments Tsk tsk, looks like someone opened an email they shouldn't have.

I work at a public library, and I'm savvy enough to know the red flags and the consequences of ignoring them. Some of my older co-workers aren't as aware, though, and that's usually how these things worm their way into a system.

Wouldn't surprise me if libraries become a more popular target for ransomware, considering how many older folks work in them.


message 3: by John (Taloni) (new)

John (Taloni) Taloni (johntaloni) | 5196 comments Makes me think about the place I work. They do "educational" troll emails to see if you're paying attention. You can report a suspected phishing attempt via a button. I catch all of them, 100%. It's not hard, just don't click on any links or open attachments unless you know for sure what they are. And if in doubt, report on the button.

Anyhoo, got a colleague in another department that falls for it at least half the time. So far no harm done, it's all our own stuff. But one day it might not be.


message 4: by John (Taloni) (new)

John (Taloni) Taloni (johntaloni) | 5196 comments Aaaaand look what popped up in my FB feed today! Your library may have experienced something like..this.

anti-virus-vs-dave


Jenny (Reading Envy) (readingenvy) | 2898 comments My entire campus had to go through re-education I mean training on phishing emails after one employee clicked (and redistributed!) something they shouldn't have. That one employee? The library directory, now retired. ;)


message 6: by Kev (new)

Kev (sporadicreviews) | 667 comments John (Taloni) wrote: "Aaaaand look what popped up in my FB feed today!."


Source for this cartoon? I'd love to share it with my IT peeps.


message 8: by Dara (new)

Dara (cmdrdara) | 2702 comments This is also affecting a local library system near me.

Hit By Ransomware, Butler County Libraries Go Back To Paper-Only Loans


message 9: by Iain (new)

Iain Bertram (iain_bertram) | 1740 comments Happened at my son's school.. his computing teacher was quite sarcastic about his colleagues afterwards.


message 10: by Jessica (new)

Jessica (j-boo) | 323 comments I am able to access the library website with the list of my current loans and holds, but several books that I have already returned are still showing up as checked out to me. Hopefully it gets cleared up! I'm sure they're expecting snafus after this ordeal.


message 11: by Rick (last edited Jul 31, 2019 09:45AM) (new)

Rick Hmm... as a software person (profession wise, I mean, I'm real otherwise!), any system that relies on humans being 100% perfect at anything is going to fail and thus is poorly architected.

Also, many of these ransomware attacks rely on unpatched software, usually Windows, so my sympathy is somewhat limited (patch things, people)... EXCEPT... Libraries are often underfunded and might not have the IT staff to do this properly (i.e. test the update on mirrors of critical systems, etc.) Another reason to support adequate funding of libraries.


message 12: by Seth (new)

Seth | 787 comments I work at a library buying books and other materials for the collection. I don't think a week goes by without getting an email with some sort of faked invoice attached. They're not (yet) very hard to spot, but some have fairly specific information (one had our actual account number with a vendor - I assume that vendor had been hacked). Still, with the emphasis the library profession places on the privacy of our patrons, it's hard to excuse lapses like this.


message 13: by Rick (new)

Rick The problem, Seth, is that you can't reasonably rely on people to be perfect at spotting these. All it takes is one person who is in a rush or otherwise has a lapse.

The fact is that a lot of these vulnerabilities are fixed in patches and organizations STILL aren't taking the basic security steps of having software routinely patched in a timely manner. Hence my limited sympathy.


message 14: by Tassie Dave, S&L Historian (new)

Tassie Dave | 4076 comments Mod
I wouldn't click on the link above.

I'm 50/50 on whether it's spam or not :-? or someone trying to be helpful.

I'm always suspicious of links in posts to products, from people who just joined up the same day.


message 15: by Louie (new)

Louie (rmutt1914) | 885 comments The account is new too. So I would say 💯 spam.


message 16: by Sean Lookielook (last edited May 21, 2020 04:38PM) (new)

Sean Lookielook Sandulak (seansandulak) | 444 comments The account is new and from Ukraine. Red flag. The account's bookshelf only has 3 books, all literary classics and none read by this group. Red flag. The only comment ever made by the account includes a commercial link. Red flag. The comment is on an inactive thread. Red flag. The comment is phrased like directed marketing. Spam.


message 17: by Rick (new)

Rick Why not delete the link?


message 18: by Tassie Dave, S&L Historian (new)

Tassie Dave | 4076 comments Mod
I can delete the whole post. Not edit them.

I was giving the poster time to respond if they're genuine. It could be someone trying to help. It doesn't look like a typical 'cut and paste' normal spam post.

I had checked the account out (The first thing I do for anything that looks suspicious) and everything throws up red flags.

If it's definite spam, mine and Rob's response is to slash and burn ;-)

