By REBECCA RUTHERFORD
Los Alamos
For the Los Alamos Daily Post
The city of St. Paul, Minn., was the latest target of a cyber-attack, bringing city systems and services to a grinding halt. The attack was first detected on July 25 and still appears to be affecting city services. The impact to the city was so great that Gov. Tim Walz had to call in the National Guard, which also has a cyber component.
What happened? What we know so far – the city first noticed suspicious activity in their systems on the morning of July 25. Leadership shut down access to that system and then shut down internet access to the entire city network that Tuesday. Emergency services did not appear to be compromised.
The city has said they are working with two cyber security firms and the FBI to recover systems.
As always, details of the actual attack are slim. That said, this certainly looks like a ransomware attack, as services are completely down. The city systems are likely being held in an offline state until they can be recovered either via backups or paying a ransom to the bad actors.
As city systems remain down, residents are unable to access services they are used to being able to online and are forced to interact in person. This has led to some invoice themed phishing scams to city vendors claiming to be the city and trying to collect on invoices due.
The larger issue in this kind of attack isn’t so much the loss of services (certainly a pain in the butt!) as it is the potential for a data breach. While the city did take all city systems offline on the Tuesday after the attack, that is still an entire weekend plus a few days the attackers had to rummage around in the systems and possibly exfiltrate sensitive data.
While the city says it doesn’t keep sensitive data on residents in systems, a larger concern would be sensitive data on city employees. In my opinion, even if the data on customers isn’t “sensitive” the data could certainly be used to help scam customers via various phishing scams. Even having an email address, and context of type of communications could be extremely valuable to a scammer.
When you see news about a cyber-attack, your first question as a consumer should be, how does this attack potentially expose me to phishing or other attacks? Chances are that a data breach announcement will follow most cyber-attacks, so it’s good to be prepared and aware that an attack could be headed your way. Be suspicious of any communications coming from this company or organization that seem a bit off. If something feels weird, it probably is! Reach out directly to the company/organization via a separate communication channel to verify.
Local governments are increasingly targeted by this kind of attack, so be aware that something like this could hit closer to home. Los Alamos, Santa Fe, Espanola, etc. are all targets for attacks like this, and to be honest any of us are just a click away from a cyber incident.
Be aware of potential phishing and other attacks, a phishing attack can be the foothold to let attackers in for more complex attacks like ransomware. If you are a business or other entity, make sure your users are cyber aware and receive regular training. If you are a home user, be suspicious of everything in the digital world, and be aware that you are being targeted by a wide array of scammers at any given time.
Cyber-security meme
Cyber-security meme


































