Local state of emergency declared for cyberattack on City of St. Paul
Local, state and federal agencies are investigating a cyberattack against the City of St. Paul.
Gov. Tim Walz on Tuesday announced he has activated the Minnesota National Guard to assist in the response to the attack, at the city’s request.
According to the Governor’s Office, “the magnitude and complexity of the cybersecurity incident have exceeded the city’s response capacity.”
At a news conference on Tuesday, St. Paul Mayor Melvin Carter said the city has declared a local state of emergency to address the attack. The city also retained two national firms and activated its emergency operations center.
Cybersecurity protection systems initially detected suspicious activity on the city’s network on Friday, Carter said.
“This wasn’t a system glitch or technical error,” he said. “This was a deliberate, coordinated, digital attack, carried out by a sophisticated external actor, intentionally and criminally targeting our city’s information infrastructure.”
“We are the victims of a serious crime,” added Jaime Wascalus, director of the city’s Office of Technology and Communications. “In response, we have mobilized local, state and federal partners to support our investigation and response efforts. This incident remains active and we continue to assess it in real time.”
Several agencies are investigating the attack, including the FBI.
The city, on Monday, fully shut down its information systems “as a defensive measure to contain the threat.”
The disruptions are affecting access to online services and internal systems. The city added that some of its services may be temporarily delayed or unavailable. Carter added that 911 services are working as normal, though there have been “back-end challenges.”
Other impacts include loss of Wi-Fi in city buildings, disruptions to the libraries’ collections management systems and suspension of network access for several internal applications.
While city officials have not shared what information was accessed, and if anyone’s personal information was part of it, there are steps to take if people connected to the city have concerns.
If you go and check your credit score right now, there’s probably going to be nothing on there, but having credit monitoring in case information like your name and social security numbers were [involved] that would be very good to implement,” Brian Halbach, president of Good Guy Hackers LLC, said.
Halbach’s job is to try and hack their client’s cyber security measures — both virtual and physical — and says he’s worked with cities in the past. He has no connection to what’s unfolding in St. Paul.
Halbach says something as simple as protecting your passwords is a great step.
“If you use the same password for the City of St. Paul login portal and you use that for something else, make sure that they are unique and different, because the attackers, if they get that password, they will just try it everywhere they can,” Halbach said.
He adds he’s had success with getting through a client’s security because of reused passwords.
“Because we don’t know from the city as of yet how far the cyberattack went. We don’t know if they got some people’s personal information, banking information, anything like that. So for all of our members, we want them to contact their financial institutions, make sure their accounts are stable and haven’t been hacked,” said Bart Andersen, executive director of AFSCME Council 5.
“Some supervisors have told staff to take vacation due to the outages and the shutdown of email and things like that. This is not the employee’s choice, to be put out of work because of a breach of information, or a cyber-attack, or anything else,” Andersen added.
“It’s a little concerning we’re having an attack like that,” said Travis Edwards, a library patron. “We just learned that today, because of some computer issues they’re having, we’re unable to get these books, because we forgot our library cards. Today, in order to check out a book, you have to go through the old school manual way, writing down the bar code number from your library card and checking out a book that way.”
