Anne Arundel County Library computers were just exposed to a computer virus, prompting officials to take the computers out of service and ask customers to monitor personal information for fraudulent activity. About 600 terminals were reportedly breached.
It was announced Saturday that the computers were exposed to a virus called Emotet, which targets users through sophisticated email ruses. The nearly 600 computers make up all of the libary’s computers, public and staff, though officials don’t know how many of those computers were infected during the exposure.
Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors.
The 4,768 customers who have used public computers since Sept. 17, logged in with a library card, are being notified of the incident. The machines have been taken out of service. Library customer information within the organization’s database was not breached but computer users, especially those who used the computers for banking or social security information – are being encouraged to track their accounts for any signs of fraudulent activities.
Skip Auld: Libraries reach out to community –
“We deeply regret that this incident occurred. The protection of our customer’s personal information is our top priority. We are conducting a thorough investigation to learn how this happened and to prevent it from happening in the future,” Library CEO Hampton “Skip” Auld said in a statement.
Officials said only those using the computers may have been affected. Customers using Wi-Fi were not affected. The United States Computer Emergency Readiness Team (US-CERT) describes Emotet as an “advanced, modular banking Trojan” and is considered one of the “most costly and destructive malware affecting state, local, tribal, and territorial governments, and the private and public sector.”
As of July 2018, emails containing the virus have used branding such as PayPal receipts and shipping notifications to trick users, according to US-CERT. The virus takes hold and spreads after users click malicious links or other files within the email.
The virus was recently uncovered after staff began receiving an increased amount of email spam to library accounts, according to a news release detailing the incident. Computers began rebooting spontaneously and spread to public computers. Initially thought to be software update issues, officials confirmed it was a virus Thursday. Computers were pulled from service.
The library has since updated its “virus scanner system” to identify digital threats. Some library computers are expected to be operational Tuesday or Wednesday.