City officials in Minot, North Dakota, have confirmed that the municipal water treatment plant was targeted in a ransomware attack earlier this month, marking the latest in a series of cyber threats directed at critical U.S. infrastructure.
The breach, which was first discovered on March 14, prompted immediate emergency protocols to protect the city’s water supply. Despite the intrusion, Jennifer Kleen, Minot’s public information officer, stated that the water system remained fully operational and safe at all times. Upon detecting the threat, technicians disconnected the affected server, leading to a 16-hour period where staff performed manual operations, including frequent on-site inspections of water gauges to maintain proper pressure and safety standards.
The nature of the attack remains somewhat mysterious, as officials reported there was no direct demand for payment. According to Kleen, the only interaction with the hackers was a letter that appeared on a computer screen. That evidence has since been handed over to the FBI, and while local, state, and federal authorities have been notified, the FBI has declined to comment on the ongoing investigation. This incident highlights a growing vulnerability in the American water sector, which has faced a surge in cyberattacks from both criminal organizations and nation-state actors, including groups linked to Iran and China. Experts have long warned that a lack of funding and inconsistent cybersecurity regulations leave many of the nation's 50,000-person municipalities, like Minot, at risk for potentially catastrophic disruptions to their physical equipment and public health.
