The IT Nerd

This is a first for me as I’ve never heard of the National Guard being brought in to help with a cyberattack. But that’s apparently happening in Minnesota:

Minnesota Gov. Tim Walz has activated the state’s National Guard following a cyberattack on the state’s capital, Saint Paul. City officials have not yet disclosed the nature of the cyberattack, but the July 25 breach continues to disrupt city operations and some public services. 

Saint Paul is one of the largest cities in the U.S. with more than 300,000 residents, and is the latest in a list of major cities targeted by hackers and ransomware gangs in recent years.

In a statement on Tuesday, Walz said he authorized the National Guard’s cyber forces at the city’s request to help Saint Paul recover from the cyberattack, saying the “magnitude and complexity” of the breach exceeded the city’s capacity to respond to the incident.

The National Guard will help to “ensure continuity of vital services and the safety and security of Saint Paul residents,” Walz said. 

Saint Paul Mayor Melvin Carter said in a press conference on Tuesday that the city took its government systems offline to contain the intruders, which sparked a citywide Wi-Fi outage.

Carter added that the city does not store much data on its residents, but said there was a risk that data on city employees had been stolen. 

Paul Bischoff, Consumer Privacy Advocate at Comparitech had this to say: 

“This attack has all the signs of ransomware. Ransomware attacks hit local governments all the time, from small rural counties to larger cities like St. Paul. Comparitech researchers have logged 45 confirmed ransomware attacks on US government entities in 2025 to date. These attacks can both steal data and lock down computer systems. City officials must either pay a ransom to restore systems and prevent the release of stolen data, or face extended downtime, data loss, and putting residents at risk of fraud. St. Paul residents should expect a letter from the city in the next few months notifying them if their data was compromised. I don’t fully understand what purpose the National Guard serves here. Most cities and counties go to the FBI for help with data breaches.”

Chris Hauk, Consumer Privacy Champion at Pixel Privacy follows with this:

“Calling in the National Guard for a cyberattack is a new approach, I have not heard of that before. This has all the earmarks of a cyberattack using ransomware, which usually not only holds the affected system’s hostage, but also harvests data from those same systems. Hopefully, the state will be able to determine what data has been stolen and will inform affected citizens of what was harvested. Until then, St. Paul citizens and companies working with the city need to remain on alert for phishing attempts, and other attempts by bad actors attempting to leverage the harvested information.”

Whatever is going on, it’s clearly severe enough to take this action. This illustrates the effects that cyberattacks can have on organizations. Which also illustrates the need to lock environments down so that they don’t get pwned and require this level of response.

This entry was posted on July 30, 2025 at 12:19 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.