The Calgary Public Library (CPL) is still assessing the damage that was done to its systems after a cyberattack forced the closure of all 22 of its physical locations last week.
Speaking on The Homestretch on Tuesday, Mary Kapusta, director of communications and engagement at CPL, said as the library investigates the hack, its locations will reopen with modified service Wednesday.
“We’re making some steps towards reopening as securely as we can and providing as much service as we can, but it’s still not business as usual,” Kapusta said.
CPL is still in the early stages of its investigation to find out what happened and determine the scale of the impact that the cyberattack had on its systems.
“We don’t have any details to share. As we learn, we certainly will be reporting back to the public and our staff. But for right now, the investigation is ongoing,” she said.
Kapusta added libraries across North America are being targeted by hackers, and the CPL is encouraged that its cybersecurity monitoring team was able to detect the breach when it happened.
In 2023, a cyberattack on the Toronto Public Library paralyzed its computer systems for months. Kapusta said Toronto has been an incredible resource in helping to decide what steps the CPL should take next as it deals with the hacking fallout.
“With Toronto sharing their lessons — for instance, what can you do without technology? Understanding your infrastructure, understanding your staff training component. Those are all things that we learned and started applying, certainly, in the ripples of their incident,” Kapusta said.
She also said the CPL is working alongside the City of Calgary’s technology teams as well as other security consultants to address the breach.
“We have brought in additional resources to help us quickly identify what’s going on … and, of course, make sure that we’re working and providing the right information and access to our partners, like the city,” Kapusta said.
“We are still trying to identify everything that went down and to see what steps we have to take going forward. And we will be reporting that as soon as we can. Right now, we don’t have that information.”
Kapusta said the library will not bring its systems back online until it is sure things are secure.
She encouraged library users to visit the CPL website to better understand what can and can’t be done at its locations when they reopen Wednesday.
Cybersecurity expert Tom Keenan, a professor in the school of architecture, planning and landscape at the University of Calgary,, told the Calgary Eyeopener on Tuesday it wasn’t a question of if CPL would be targeted by a cyberattack, but when.
“That’s true for just about everybody. The University of Calgary had a ransomware attack a few years ago,’ Keenan said. “No matter how good your cybersecurity is, there are bad guys trying to get ya.”
Keenan said it’s possible Calgary could go through something similar to what Toronto went through, depending on the type of hack.
There are two major types of cyberattacks, according to Keenan.
The goal of one, called a ransomware attack, is typically to extort the victim into paying a large sum of money to retrieve the data they lost.
In the other type, criminals will steal data with the intention of using it for malicious reasons, such as identity theft or fraud.
Keenan said an effective way of protecting yourself from ransomware is to have several backup copies of your data, stored in different locations. He also said to beware of scammers who may target library users using personal information that was possibly stolen in the hack.
It’s also a good idea to change your password to something completely new to prevent being targeted by hackers, Keenan said.