Recent ransomware attacks targeting library systems in South Carolina are the latest in a string of attacks affecting local government agencies. The increasing number of these types of attacks highlights the serious importance of making cyber preparedness a significant priority and taking the necessary steps to secure library networks against threats. Being proactive is the most effective defense against ransomware.
The South Carolina State Library strongly encourages libraries in South Carolina to back-up their servers, regularly apply security patches, and use anti-virus protection software. The FBI recommends users consider implementing the following prevention and continuity measures to lessen the risk of a successful ransomware attack:
- Regularly back up data and verify the integrity of those backups. Backups are critical in ransomware incidents; if you are infected, backups may be the best way to recover your critical data.
- Secure your backups. Ensure backups are not connected to the computers and networks they are backing up. Examples might include securing backups in the cloud or physically storing them offline. It should be noted, some instances of ransomware have the capability to lock cloud-based backups when systems continuously back up in real-time, also known as persistent synchronization.
- Scrutinize links contained in e-mails and do not open attachments included in unsolicited e-mails.
- Only download software – especially free software – from sites you know and trust. When possible, verify the integrity of the software through a digital signature prior to execution.
- Ensure application patches for the operating system, software, and firmware are up to date, including Adobe Flash, Java, Web browsers, etc.
- Ensure anti-virus and anti-malware solutions are set to automatically update and regular scans are conducted.
- Disable macro scripts from files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full Office Suite applications.
- Implement software restrictions or other controls to prevent the execution of programs in common ransomware locations, such as temporary folders supporting popular Internet browsers, or compression/decompression programs, including those located in the AppData/LocalAppData folder.
The South Carolina State Library Information Technology Department Team is available to assist libraries in South Carolina to answer questions about cyber security. The State Library also provides libraries with access to ITProTV Security Awareness Training at no cost.
For more information and access to the online training, please contact Paul Harmon, Director of IT Services at pharmon@statelibrary.sc.gov or (803) 734-8651.
