What Can We Learn From the Library of Congress’ Recent Hack Attack?
Believe it or not, there’s more news in Washington D.C. than matters concerning the upcoming election–namely the fact that the Library of Congress was struck by a DoS (Denial of Service) attack in July, supporting the members of government in their calls for an apparently much-needed update to the Library’s systems.
While the average American is most likely more aware of the Library’s function of cataloging the written works of the world, it actually serves many more purposes. Congress naturally relies on it, but mainly for its intelligence resources and tracking of legislation. However, with the Library’s systems in their current unreliable state, those who critically need to collect information for their duties are forced to use a faulty infrastructure that might not deserve a user’s full trust.
Despite the Library being one of the first government institutions to utilize the Internet in 1996, chronic mismanagement since 2002 has had a negative effect upon the Library’s systems. Contractors were mishandled, budgets miscalculated, management failed frequently, and IT services became a mess.
Much of the blame has also been placed on one of the former librarians responsible for managing the library. During their 28 year tenure, there was an apparent resistance to the implementation of any new technologies–including the reigning librarian’s reported refusal to use email.
More recently, the Library has struggled to keep a CIO, only hiring a permanent employee after the Government Accountability Office (GAO) tore apart the Library’s IT in its 2015 report. Additionally, while the GAO estimates the Library to spend $120 million in its IT, their records of these transactions leave much to be desired. The Library also has failed to keep an accurate inventory of its assets, reporting less than 6,500 computers available when the true total is somewhere nearer to 18,000–almost three times the amount stated in the Library’s report.
The issues of the Library have even spread to separate government offices that just happen to be under its shadow. The copyright office, for example, is so pervasively paper-based that many records are still card-catalogued, and must still share the Library’s antiquated system.
IT providers can learn many lessons from the plight of the Library, first and foremost being that resistance to change–only because it’s change–is no way to manage any organization; be it a national institution or a small business. As evidenced by the Library’s struggles, dedication to the old way of doing things has a time and place, neither of which may be found in a forward-thinking establishment.
Furthermore, automation could have potentially prevented many of the Library’s woes, especially if implemented as part of a managed services strategy. By automating recordkeeping and keeping a regular schedule of IT improvements, the Library could have greatly reduced the issues they are facing today.
Today, the Library’s fate is looking considerably more positive, as Congress is pushing a bill to set term limits on a Librarian of Congress’s time to a decade, and the new Librarian–Carla Hayden–has a rich and successful history of library reform and technological implementation in some very difficult regions. With the former President of the American Library Association at the helm, the Library’s future is looking considerably brighter.