Attempted cyber attack responsible for 3-week Newport News library computer outage
A failed cybersecurity attack is responsible for Newport News Public Library branch computers being out of operation the past three weeks.
Public computers and printing, faxing and scan-to-email services have all been unavailable since April 25. Library patrons who tried to use public computers at library branches were greeted with signs taped over the screens that say “out of order.”
City spokesperson Kim Lee said Thursday that IT security measures blocked the attack, but the computers were shut down following the attempted attack on the server supporting the library’s public computer labs.
“The attempt failed,” she said. “We caught it. So they didn’t come in and take over our system. We caught it very early.”
Lee said she did not know whether the attempted cyber intrusion was a ransomware attack, referring to it only as a “cyber attack.”
In a ransomware attack, hackers gain access to an organization’s computer network and encrypt data to prevent the owner from accessing files. The hackers then demand a ransom payment in exchange for unlocking the files. The FBI discourages victims of ransomware from paying ransoms, saying it does not guarantee access will be restored and it encourages future illegal activity.
Lee emphasized that no patron’s data — such as names, addresses or other important information — was touched in any way.
“Someone tried to get in, tried to find holes in our system. We found them before they did anything and shut them down,” she said. “But we still had to, you know, clean up the server. And then again, we reconfigured the whole thing, the whole server, to make sure we’re preventing further attacks.”
As a result of the attempted intrusion, Lee said the library had to reconfigure the infrastructure of the server to prevent further attacks. The reconfiguration process has taken several weeks.
The city expects to have the computer labs back up by Monday. In the meantime, library patrons who need to use computers can utilize services at public libraries in Hampton and York County.
The city has provided details on the attack to the Virginia State Police and the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security for further action.
Organizations from hospital operators to school districts to state and local governments have fallen victim to ransomware attacks in recent years.
More than 200 large organizations suffered a ransomware attack last year, according to a report released earlier this year by cybersecurity firm Emsisoft. Those attacks include 106 ransomware attacks on local governments, 44 attacks on universities and colleges, 45 on school districts operating 1,981 schools and 25 healthcare providers serving 290 hospitals.
Data was stolen in about 25% of the local governments targeted, according to the report. Quincy, Massachusetts, paid a demand of $500,000 and is the only local government known to have paid a ransom in 2022, according to the report. Emsisoft reports the highest ransom demand to become public knowledge was the $5 million demanded from Wheat Ridge, Colorado.
The number of attacks targeting state and local governments has remained relatively consistent year to year, with 77 incidents publicly reported in 2021 and 113 incidents publicly reported in 2020 and 2019, according to the report. Nevertheless, Emsisoft said it was “concerning” that there doesn’t seem to be a decrease in the number of attacks.
Josh Janney, joshua.janney@virginiamedia.com.