Library CIO Bernard A. Barton, who took over the top tech job in September 2015, said that implementing fixes to aging IT systems and problems identified by the GAO would be a big part of his job.
There was no information on the source of the attack, which comes just a few days after Carla Hayden was confirmed by the Senate as the Librarian of Congress. In an April confirmation hearing, Hayden pledged to modernize library systems.
Cybersecurity at the Library has come under fire from watchdogs before. The Government Accountability Office issued a limited distribution report in June 2015 identifying a host of technical weaknesses in the Library’s information security posture, along with 74 suggestions for remediation. GAO identified weaknesses in patch management, boundary protection, configuration management and other areas. The report is not public, but was mentioned in a footnote in Dec. 2015 testimony from a GAO IT specialist.
The Library’s mission to archive the world’s literature and research. But Congress, librarians, and specialized policy wonks are more familiar with the Library’s many other functions, including the intelligence gatherer, legislative tracker, governance think tank, and intellectual property bureaucracy. The library’s dysfunction is bad news for Congressional staff, and the researchers and scholars who defend on the archives of American history and information on the world’s most unstable regions.
Government investigations as far back as 2002 have highlighted the mismanagement of contractors, budget, overall management, and IT services. Many government watchdogs and library scholars also point to the former librarian, Dr. James Billington. Serving 28 years in the position, Billington had a reputation for both being difficult manager and an infamous luddite, even reportedly requesting at times that staff fax him at home and refusing to use email.