Published on July 22nd, 2019 📆 | 6985 Views ⚑
0Hackers Attacked the Asian Art Museum of San Francisco. Are Other Cultural Institutions Next?
In recent months, ransomware attacks have debilitated local governments in Baltimore and Atlanta and sought to extort millions of dollars from small school districts and colleges. Now, museums appear to be under threat as well. And their ties to wealthy donors make them a particularly appealing mark, experts say.
News recently surfaced that hackers targeted the Asian Art Museum in San Francisco in a ransomware attack in May. The museum was able fight back, enlisting the cityâs IT security experts to regain control of its computer network. But the incident raises concerns about the vulnerability of cultural institutions when it comes to cyber security.
âIâm surprised that hacking hasnât happened at more museums,â Tyler Cohen Wood, a cyber security consultant and the former cyber deputy chief of the Defense Intelligence Agency, told artnet News. âHackers are interested in getting personal information, something thatâs of monetary valueâsuch as âthese donors have this artwork and theyâre going to donate this at this time.'â
It might sound like the plot of a dramatic Hollywood blockbuster, but according to Wood, itâs well within the realm of possibility that hackers might target an art museum in order to plan a robbery.
The San Francisco hacking attempt was first reported by the cityâs local ABC affiliate, which confirmed that the museum refused to pay the demanded ransom, in keeping with official city policy. According to the news outlet, almost a dozen cities across the country have fallen victim to this growing threat. Often deployed by tricking users into downloading what appear to be legitimate files, ransomware is a type of malware where the hacker threatens to publish or block access to the victimâs data unless a ransom is paid.
âWe do not know who attacked us and we did not communicate with them,â said Tim Hallman, the museumâs director of communications and business development, in an email to artnet News. He declined to provide details about the nature of the attack or the tactics used to overcome it. (âWe donât want to invite scrutiny or challenges from malefactors,â he said.)
Â
How to Protect Your Institution
To protect themselves, âmuseums, like all public and private institutions, need to have proper up-to-date intrusion and malware protection on their systems,â Wood said. But itâs also critical, he explained, to understand the importance of the human element: most ransomware is introduced via phishing scams over emailâand they have become increasingly sophisticated. That means museums need to hold regular training programs to educate employees to avoid clicking suspicious links or downloads and teach them how to respond should they accidentally download malware.
âOne of the most important things to teach the users on your network is if they do see a ransomware box pop up, based on company policy, they want to immediately disconnect that computer from the network, whether thatâs the wireless or they have to physically pull the plug,â Wood warned. That way, the malware will stay contained on the userâs computer, rather than infecting the entire network.
Another important step: keeping your most valuable information under digital lock and key. âOne of the biggest things that an organization wants to do is to make sure that the crown jewels, no pun intendedâthe passwords and the private or personal informationâis completely segmented off from their regular network,â Wood explained. âThey should have access controls in place so that if someone does get into one of the computers, they canât jump into the most important network.â (This is all the more critical in the case of government museums, which should have separate network from cities and other municipal groups.)
Remarkably, the Asian Art Museum attack did little to disrupt the museumâs normal activities. âThroughout, we kept our doors open, welcoming visitors to the galleries, store, and cafĂŠ,â insisted Hallman. âWe never canceled any programs, and construction on our expansion was not impacted and remains on track for completion next spring.â
âWe have really reached a point where security has to be a part of everybodyâs job,â Wood said. âJust having training course are good, but itâs not enough. We live in a digital world, so becoming more vigilant the best way to secure our data and information.â
Follow artnet News on Facebook:
Want to stay ahead of the art world? Subscribe to our newsletter to get the breaking news, eye-opening interviews, and incisive critical takes that drive the conversation forward.
Gloss