{"id":883,"date":"2024-10-23T16:31:04","date_gmt":"2024-10-23T22:31:04","guid":{"rendered":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/?p=883"},"modified":"2024-10-23T16:31:08","modified_gmt":"2024-10-23T22:31:08","slug":"calgary-public-librarys-cyber-attack","status":"publish","type":"post","link":"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/2024\/10\/23\/calgary-public-librarys-cyber-attack\/","title":{"rendered":"Calgary Public Library\u2019s Cyber Attack"},"content":{"rendered":"\n

What happened?<\/strong><\/p>\n\n\n\n

On Oct 11th<\/sup> 2024 all 22 locations of public libraries across Calgary was shut down amid a cyber-attack. The early news suspected it to be the ransomware attack endangering public\u2019s crucial data at the hands of attackers.<\/p>\n\n\n\n

Why was library targeted?<\/strong><\/p>\n\n\n\n

“Libraries are a rich target, and the reason that they’re rich target is because they hold a lot of data,” <\/em>said Ritesh Kotak, a Toronto-based cybersecurity and technology analyst.<\/p>\n\n\n\n

The Public library contains crucial data of its users. At the time of getting the library card, a user is needed to provide sensitive data as in date of birth, address, full name and photo ID. From a hacker\u2019s point of view, it is an ideal platform to attack and demand ransom money.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Since the beginning of Covid-19 the cyber attacks have gained more popularity as the paradigm of working has shifted to remote access\/cloud-based. However, the cyber extortion methods dates back to 1980s and the first ransomware attack took place in 1989 with the PC Cyborg Trojan.<\/p>\n\n\n\n

In today\u2019s evolving IT world, cyber security practices need to be more robust than ever before to save end users, clients and companies data from cyber-attacks and to mandate confidentiality, integrity and availability of data always.<\/p>\n\n\n\n

Since the Calgary Library\u2019s Ransomware attack is quite recent; the final report is yet to come, let\u2019s investigate the Ransomware and its categories to get a closer look at the situation.<\/p>\n\n\n\n

There are three types of Ransomware attack, locker, crypto, and scareware.<\/p>\n\n\n\n

Scareware:<\/strong> It manipulates end user to click a pop-up ad that traps user into downloading a software in order to run a certain application. In the end, if the user clicks it ends up downloading a malware infecting the system.<\/p>\n\n\n\n

Locker:<\/strong> The purpose of this type of ransomware is to block the user\u2019s computer. It is done by encrypting certain files which tends to lock the computer screen\/keyboard so that it cannot be accessed\/used.<\/p>\n\n\n\n

Crypto ransomware:<\/strong> Unlike locker technique, it does not alter the basic computer functions but encrypts the user\u2019s sensitive files. It is an irreversible ransomware as current encryption methods such as AES and RSA are almost impossible to revert if the implementation is properly done.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

There are three encryption schemes for Crypto Ransomware;<\/p>\n\n\n\n