[LIBRARYDIR] [EXTERNAL] - Re: Ransomware plan?

Guidry, Wade WadeG at bigbend.edu
Thu Jun 16 08:28:39 PDT 2022 

I’ll add a few other thoughts to what a Ransomware plan for the library might contain:


  1.  First response actions – What immediate actions does the department take when a ransomware alarm goes out? Turn off computers? Close immediately? Log out of everything?

First response actions should be determined by IT. But probably need to be carried out by departments.

  2.  Understanding how a ransomware event might impact your use of cloud-based services.

Hosted platforms (Alma / Primo, Koha, Horizon, EZProxy, LibGuides, CONTENTdm, Google Scholar, OCLC services, Canvas, etc) will fall outside the impact zone of a Ransomware event. But the way you navigate to them (DNS) and the way you authenticate to use them (campus authentication platforms) might be affected. You need a plan for navigating to and authenticating to hosted platforms when campus infrastructure goes down.


  1.  Off-campus / Cloud backups of critical library files – This one is straightforward. Files and digital assets critical to library continuity (financial, statistical, collection-related) should be regularly backed up to an off-campus or cloud location. Many of the institutions already use commercial cloud-based services (office 365, Google Apps) for administrative purposes. So, this one may already be in place or easily implemented.



  1.  Ability / Capacity for employees to work from home, and an understanding what work can and cannot be performed during a Ransomware event.



  1.  Staff communications during a Ransomware event, since email may be the first thing to go.

And just a general question, what is SBCTC’s role in this discussion, if any?


Wade Guidry
Library Consortium Services Manager, WACTCLC
wadeg at bigbend.edu<mailto:wadeg at bigbend.edu>
(509) 760-4474
http://www.wactclc.org<http://www.wactclc.org/>

From: LIBRARYDIR <librarydir-bounces at lists.ctc.edu> On Behalf Of Jacquelyn Ray via LIBRARYDIR
Sent: Wednesday, June 15, 2022 4:13 PM
To: WACTC Library Directors <librarydir at lists.ctc.edu>
Cc: Jacquelyn Ray <jacquelyn.ray at wwcc.edu>
Subject: Re: [LIBRARYDIR] [EXTERNAL] - Re: Ransomware plan?

CAUTION: Originated outside our network. Do not click links or open attachments unless you validate the sender.


Awesome, Erica!  I just saw this after I sent my thoughts~

All my best,
Jacquelyn

​Jacquelyn Ray, MLIS, MA | Director of Library Services, FYE & Interim Director of Continuing Education| she/her
Walla Walla Community College
Need help evenings or weekends? Try our 24/7 Ask-a-Librarian Chat Service!<https://askwa.libanswers.com/widget_chat.php?hash=d266f8c192e1c15230f3b8f764dcead2>

“Be kind whenever possible. It is always possible.” ~Dalai Lama




<https://askwa.libanswers.com/widget_chat.php?hash=d266f8c192e1c15230f3b8f764dcead2>

________________________________
From: LIBRARYDIR <librarydir-bounces at lists.ctc.edu<mailto:librarydir-bounces at lists.ctc.edu>> on behalf of Coe, Erica via LIBRARYDIR <librarydir at lists.ctc.edu<mailto:librarydir at lists.ctc.edu>>
Sent: Wednesday, June 15, 2022 1:09 PM
To: WACTC Library Directors <librarydir at lists.ctc.edu<mailto:librarydir at lists.ctc.edu>>
Cc: Coe, Erica <ecoe at olympic.edu<mailto:ecoe at olympic.edu>>
Subject: Re: [LIBRARYDIR] [EXTERNAL] - Re: Ransomware plan?

CAUTION: This email did NOT originate from WWCC. Do not click links or open attachments unless you validate the sender and know the content is safe. If you are unsure, contact the Help Desk at x4357 or email helpdesk at wwcc.edu<mailto:helpdesk at wwcc.edu>

I agree with Tim, but we do need to consider continuity of operations for our specific services.



A few starting places:



Developing a library service continuity plan focused on digital services and cybersecurity<https://www.timeshighereducation.com/campus/developing-library-service-continuity-plan-focused-digital-services-and-cybersecurity>



Awareness, Planning, Resilience: Thoughts on Libraries’ Cyber Defense in 2020<http://blogs.ifla.org/lpa/2020/03/27/awareness-planning-resilience-thoughts-on-libraries-cyber-defense-in-2020/>



ALA Library Disaster Preparedness & Response<https://libguides.ala.org/disaster/home>



This would be a great professional development offering for next year.



Thanks,

Erica





From: LIBRARYDIR <librarydir-bounces at lists.ctc.edu<mailto:librarydir-bounces at lists.ctc.edu>> On Behalf Of Susan Schreiner via LIBRARYDIR
Sent: Wednesday, June 15, 2022 1:05 PM
To: WACTC Library Directors <librarydir at lists.ctc.edu<mailto:librarydir at lists.ctc.edu>>
Cc: Susan Schreiner <susan.schreiner at ghc.edu<mailto:susan.schreiner at ghc.edu>>
Subject: [EXTERNAL] - Re: [LIBRARYDIR] Ransomware plan?



CAUTION: This email came from a non-OC system or external source. Beware of phishing and social engineering!



Kind of my thought too. Other than listing all service providers and having these contacts and their information maintained in an off-campus computer, and maybe doing backups that are stored off the main system, what else can we be doing for this scenario?



Susan A. Schreiner

Associate Dean for Library, eLearning, and Learning Support Services

Grays Harbor College

Aberdeen, WA 98520



From: LIBRARYDIR [mailto:librarydir-bounces at lists.ctc.edu] On Behalf Of Fuhrman, Tim via LIBRARYDIR
Sent: Wednesday, June 15, 2022 1:00 PM
To: WACTC Library Directors <librarydir at lists.ctc.edu<mailto:librarydir at lists.ctc.edu>>
Cc: Fuhrman, Tim <timf at bigbend.edu<mailto:timf at bigbend.edu>>
Subject: Re: [LIBRARYDIR] Ransomware plan?



Wouldn’t that be what we have THEM for?



______________________________________________________________

[cid:image001.jpg at 01D8815B.137436E0]


Tim Fuhrman

Director of Library Resources
& eLearning

Big Bend Community College

timf at bigbend.edu<mailto:timf at bigbend.edu>


509.793.2350
877.745.1212

www.bigbend.edu<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.bigbend.edu%2F&data=05%7C01%7Cecoe%40olympic.edu%7C6267c4c2209142f0479808da4f0a614f%7C5089378aab1544c0b1bad4f21ccc3085%7C1%7C0%7C637909203265828901%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mUlmtqrnLdITVMT53qXihELyfJ41OTnOa%2B9W70vIK7w%3D&reserved=0>


Bonaudi Library (ATEC/1800 Building)•7662 Chanute Street NE•Moses Lake, WA 98837-3299






From: LIBRARYDIR <librarydir-bounces at lists.ctc.edu<mailto:librarydir-bounces at lists.ctc.edu>> On Behalf Of Claire Murata via LIBRARYDIR
Sent: Wednesday, June 15, 2022 12:37 PM
To: WACTC Library Directors <librarydir at lists.ctc.edu<mailto:librarydir at lists.ctc.edu>>
Cc: Claire Murata <claire.murata at edmonds.edu<mailto:claire.murata at edmonds.edu>>
Subject: [LIBRARYDIR] Ransomware plan?



CAUTION: Originated outside our network. Do not click links or open attachments unless you validate the sender.




Hi all,



I hope your spring quarter is wrapping up well for you and your students!



Does your library have a plan for what to do if there is a ransomware attack? Our IT department has told everyone to make a plan, and I thought I would start with this group. Thanks in advance for your help, and if it's easier to talk than write, I would be happy to set up a call! Take care, Claire

Claire Murata, MLIS
Associate Dean, Library and Learning Resources
20000 68th Ave. W., Lynnwood WA 98036 | edmonds.edu<https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fedmonds.edu%2F&data=05%7C01%7Cecoe%40olympic.edu%7C6267c4c2209142f0479808da4f0a614f%7C5089378aab1544c0b1bad4f21ccc3085%7C1%7C0%7C637909203265828901%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=2hAL%2FMhlrMhuNYr4Pb%2FsmCtGVGIB%2FcnobIKtIY2OrPo%3D&reserved=0>
claire.murata at edmonds.edu<mailto:claire.murata at edmonds.edu> | (425) 640-1522

[Image removed by sender. college logo]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ctc.edu/pipermail/librarydir_lists.ctc.edu/attachments/20220616/854117f8/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 5850 bytes
Desc: image001.jpg
URL: <http://lists.ctc.edu/pipermail/librarydir_lists.ctc.edu/attachments/20220616/854117f8/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 407 bytes
Desc: image002.jpg
URL: <http://lists.ctc.edu/pipermail/librarydir_lists.ctc.edu/attachments/20220616/854117f8/attachment-0001.jpg>

More information about the LIBRARYDIR mailing list