From: Ian Gibson <[log in to unmask]> Date: Mon, 8 Jul 2019 12:08:44 +0000 I'll start with your last question - "is that of a level sufficient to also counter the effect of RG downloads do you think?" For last year I'm positive that downloads from compromised accounts at MPOW was far in excess of what our folks were downloading from RG (and probably SciHub too) - e.g. in May 2018 downloads of Wiley content were 10x higher than the previous year and pretty much every other major publisher was similar). I should add that as soon as our security folks did some magic on their end in June our usage patterns reverted back to historical norms. The other point I should make here is that even though usage was off the charts crazy a few months we had only a few instances where vendors disabled access. To your first paragraph: * IT described to us how the attacks worked but my notes aren't great. The most interesting aspect of all this was that they said there's rarely any attempt to use compromised credentials to do anything other than download library content (and gather more email addresses for phishing attacks). * We asked them if they thought moving away from proxy access (e.g. RA21/OpenAthens/etc) would help and their response was that only systems utilizing 2+ factor authentication are going to solve this problem. They are currently looking at 2FA solutions to implement campus wide but the timeline on that is unknown. Cheers, Ian Ian Gibson, MISt Acting Head, Collections Services Brock University | Brock University Library Niagara Region | 1812 Sir Isaac Brock Way | St. Catharines, Ontario L2S 3A1 E [log in to unmask] | T 905 688 5550 x6223 | @IanGibson11 ________________________________ From: "Hinchliffe, Lisa W" <[log in to unmask]> Date: Sun, 7 Jul 2019 20:01:46 +0000 Could you say a bit more about what you are learning from your campus IT folks? Are you saying that they are seeing multiple compromises of accounts that result in downloading the same content multiple times to different sites? Even if that is the case though ... is that of a level sufficient to also counter the effect of RG downloads do you think? Lisa -- Lisa Janicke Hinchliffe Professor/ Coordinator for Information Literacy Services and Instruction University Library, University of Illinois, 1408 West Gregory Drive, Urbana, Illinois 61801 [log in to unmask], 217-333-1323 (v), 217-244-4358 (f) ________________________________ From: Ian Gibson <[log in to unmask]> Date: Thu, 4 Jul 2019 18:38:50 +0000 Apologies for responding to something so far back on the thread but the impact on usage stats cuts both ways. On the one hand people go to SciHub (and other sites that use compromised credentials to get at the literature) and download stuff that they could have got from the library and that drives down our usage totals. On the other hand compromised credentials (used by SciHub and elsewhere) also generate usage stats as they harvest things which messes up your stats in the other direction. In the past I would have been comfortable saying that the impact of the former is much greater than the impact of the latter. After talking to our campus IT security folks I'm not nearly as confident. Cheers, Ian Ian Gibson, MISt Acting Head, Collections Services Brock University | Brock University Library Niagara Region | 1812 Sir Isaac Brock Way | St. Catharines, Ontario L2S 3A1 E [log in to unmask] | T 905 688 5550 x6223 | @IanGibson11 ________________________________ From: "Hinchliffe, Lisa W" <[log in to unmask]> Date: Thu, 27 Jun 2019 23:20:00 +0000 But surely usage is considered? And as usage goes elsewhere it devalues the big deal because the cost per download goes up. Librarians don't have to be endorsing or encouraging use of ResearchGate (or SciHub), whether to access licit or illicit copies, for the reality of that use to be impacting on ata that effects library subscriptions to content? Lisa Janicke Hinchliffe [log in to unmask] [SNIP]