[ISN] Libraries 1, hacker 0 in showdown

From: InfoSec News (isn@private)
Date: Thu Jul 14 2005 - 22:33:21 PDT


http://www.pioneerlocal.com/cgi-bin/ppo-story/localnews/current/gl/07-14-05-632905.html

BY JOHN P. KELLY 
STAFF WRITER 
July 14, 2005

Twenty-two suburban libraries were thrust into the predigital dark
ages last week after a hacker hijacked their central computer server.

Names, phone numbers and addresses for nearly 480,000 patrons in the
suburban library consortium Cooperative Computer Services were
vulnerable, though apparently left untouched in what culminated in a
three-day tit-for-tat between technicians at the Arlington
Heights-based company and the hacker.

"We're confident we have defeated the intruder without any data loss
or lasting damage," Administrator Richard Shurman said.


June infiltration

The hacker, who may have infiltrated the system sometime in June, used
the server as a haven to set up an illegal online file sharing
network, Shurman said.

Technical consultants were called in last week to combat the hacker
and, as a security measure, temporarily crippled the computer network
that links the libraries' circulation and catalog information. They
also disabled iBistro, an online catalog that lets patrons check book
availability from home.

The move caused libraries from Wilmette to Cary to resort to
old-fashioned methods of checking out material and -- with card
catalogs largely purged in the 1990s -- guesswork to locate books on
the shelf.

By Monday afternoon, the internal network was expected to be almost
fully restored, though iBistro was off-line until Tuesday.


Back to basics

Several patrons who check book availability and reserve materials
online called the Winnetka-Northfield Public Library District to find
out why the system was down, Library Director Barbara Aron said.

"It was totally out of our control," Aron said.

Library staff members resorted to hand-writing check-out slips and
couldn't check in books that had been returned late last week.

Shurman said an investigation was ongoing but refused to say whether
law enforcement officials were involved.

"At this point, I need to be kind of close mouthed about it," Shurman
said.

Thom Morris, library computer services administrator at the Northbrook
Public Library, said it took two to three times longer to track down
books, if they could be found at all, during the three days the system
was down.

Morris said a "primitive" back-up system was used to record when
patrons checked out books and said the break down was a "huge
inconvenience for library staff and patrons."

Shurman said Cooperative Computer Services will fast-track a software
upgrade that was planned for later this year and said the incident
would result in a financial setback of less than $10,000.


Minor disruptions

Peggy Hamil, executive director of the Glencoe Public Library, said
librarians in the area were surprised to learn of the security breach
but said it caused only minor disruptions at the library.

Hamil decided not to notify patrons of the hacking because no valuable
personal data was susceptible and an alert would be "more disturbing
than informative."

"This is simply a reminder that nothing is ever completely safe from
the efforts of someone with malicious intent and technical knowledge,"  
Hamil said. Daniel Walters, president of the Public Library
Association, said libraries have been "sporadic targets" of malicious
cyber attacks, but the aim is generally the destruction, not theft, of
data.




_________________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 - 
2,000+ international security experts, 
10 tracks, no vendor pitches.
www.blackhat.com 



This archive was generated by hypermail 2.1.3 : Thu Jul 14 2005 - 23:11:14 PDT