North St. paul Hit by Cyberattack, City Council approves Emergency Contract
NORTH ST. PAUL, MN – The City of North St. Paul is responding to a recent cyberattack targeting its police department, potentially compromising sensitive data. The City Council convened an emergency meeting on Monday, December 11, 2023, to authorize a contract wiht cybersecurity experts to investigate and mitigate the breach.
The nature and extent of the cyberattack remain under examination. The council unanimously approved a contract with the McDonald Hopkins law firm,leveraging their Arete forensics division to conduct a thorough business email compromise (BEC) investigation. The initial cost for this forensic analysis is set at a minimum of $5,000.
City officials indicated they possess cyber insurance coverage and anticipate that expenses exceeding the deductible will be reimbursed. The timing of the attack is currently unknown, but the city is prioritizing a swift and comprehensive response to contain the damage and restore confidence in its systems.
This incident occurs amidst ongoing recovery efforts in neighboring St. Paul, which experienced a meaningful cyberattack earlier this month. St. Paul’s systems remain partially disrupted more than a week after the initial breach, highlighting the growing threat of cyberattacks targeting municipal governments.
Understanding Business Email Compromise (BEC) attacks: BEC attacks are a sophisticated type of cyber fraud where criminals target employees with access to financial transactions. They typically involve impersonating a trusted individual, such as a CEO or vendor, to trick employees into transferring funds or divulging sensitive information. These attacks are increasingly common and can result in substantial financial losses for organizations.
Cybersecurity in Minnesota Municipalities: Minnesota cities, like many across the nation, are increasingly vulnerable to cyberattacks. Limited resources and aging infrastructure frequently enough make it challenging for local governments to implement robust cybersecurity measures. The recent attacks on both North St. Paul and St. Paul underscore the need for increased investment in cybersecurity infrastructure and training at the municipal level.
RELATED: St. Paul City Council extends local state of emergency following cyberattack
RELATED: St. Paul says emergency services ‘fully operational’ in wake of cyberattack
