This is a guest post by Bernard A. Barton Jr., chief information officer of the Library of Congress.
On Sunday morning, July 17, the Library became the target of a distributed denial of service (DDoS) network attack that resulted in the disruption of Library services and websites, including Congress.gov, the U.S. Copyright Office, the BARD service from the National Library Service for the Blind and Physically Handicapped, our many databases, and both incoming and outgoing email.
I’m pleased to report that our team of Library IT professionals and contract partners have returned our networked services to normal functionality. We did this while maintaining the security of the Library’s network.
This was a massive and sophisticated DNS assault, employing multiple forms of attack, adapting and changing on the fly. We’ve turned over key evidence to the appropriate authorities who will investigate and hopefully bring the instigators of this assault to justice.
We’re satisfied that we’ve fended off the attack and fortified our system for now, but we’ll continue to be vigilant and employ state-of-the-art security systems to effectively respond to these type of incidents in the future. This is not the first time that a large agency or organization has been targeted with this kind of denial of service, and it certainly won’t be the last.
I am grateful to our colleagues in other agencies across the federal government for their assistance and collaboration this week as we worked to restore full service.
I want to also thank our patrons and social media users, who’ve offered valuable feedback on specific problems they were experiencing in a timely way. This helped us work through ongoing isolated service issues once the broad system problems were resolved.
There may be some residual issues with parts of our system as full service is restored. If you’re still experiencing problems, please report them to us via our website comment form.