Governor of Minnesota mobilizes military forces following St. Paul's cyber-assault
Saint Paul, Minnesota, has been hit by a deliberate and coordinated cyberattack by a sophisticated external actor, causing significant disruptions to its digital infrastructure[1][2][4]. The incident was first detected on July 25, 2025, leading to the full shutdown of the city's information systems as a defensive measure[1][2][4].
Key developments in the attack and response include:
- Initial Detection and Response: The attack was detected by an automated "endpoint detection response system" that alerted city officials to suspicious "nefarious script activity" on Friday, July 25. The city's cybersecurity team, including Chief Information Security Officer Stefanie Horvath, quickly mobilized to contain the threat[1][4].
- Impact: The attack forced St. Paul to shut down much of its digital infrastructure, affecting online services and internal systems. Although 911 services continued to operate, they faced backend challenges. City officials declared a local state of emergency to manage the incident[2].
- Investigations and Partnerships: The FBI is leading the criminal investigation. St. Paul is collaborating with state agencies, the Minnesota National Guard’s cyber protection units, and two private national cybersecurity firms. These partnerships aim to investigate, contain the damage, and restore systems[1][2][3].
- Government Actions: Governor Tim Walz activated the Minnesota National Guard cyber forces to support the city's response, acknowledging the attack's magnitude and complexity surpassed local response capabilities. The Guard is working alongside city, state, and federal officials to resolve the situation and minimize lasting impacts[1][2][3].
- Ongoing Status: As of July 30, 2025, the emergency response and investigation are ongoing, with the city continuing to assess the attack in real time and take defensive measures to protect its information infrastructure[1][2].
- Services Affected: Wi-fi is out at city buildings, libraries, and recreation centers due to the cyberattack. Online payment systems are still unavailable due to ongoing network disruptions[5].
- No Ransom Demands: No ransom demands have been publicly reported, and the motive remains undisclosed by city officials[1][2]. The city emphasizes that they are victims of a serious cybercrime and are committed to restoring cybersecurity swiftly while maintaining public safety[1][3][4].
As the investigation continues, Saint Paul and its partners will work tirelessly to restore normal operations and safeguard the city's digital infrastructure against future threats.
[1] https://www.startribune.com/st-paul-cyberattack-mayor-melvin-carter-says-city-is-working-to-restore-its-systems/600193866/ [2] https://www.twincities.com/2025/07/30/st-paul-cyberattack-mayor-melvin-carter-says-city-is-working-to-restore-its-systems/ [3] https://www.pioneerpress.com/2025/07/30/st-paul-cyberattack-mayor-melvin-carter-says-city-is-working-to-restore-its-systems/ [4] https://www.kare11.com/news/local-new/st-paul-cyberattack-mayor-melvin-carter-says-city-is-working-to-restore-its-systems/ [5] https://www.cityofstpaul.org/news/2025/07/30/cyberattack-update-july-30-2025
- The cyberattack that hit Saint Paul, Minnesota, is being investigated by the FBI, state agencies, the Minnesota National Guard’s cyber protection units, and two private national cybersecurity firms, as they aim to contain the damage, restore systems, and safeguard the city's digital infrastructure against future threats.
- The recent cybersecurity breach in Saint Paul has prompted Governor Tim Walz to activate the Minnesota National Guard cyber forces to support the city's response, recognizing the complexity of the attack surpassed local response capabilities.
- The city of Saint Paul, in collaboration with its partners, is implementing AI and advanced cybersecurity technology to investigate the cyberattack, strengthen its defense systems, and ensure the resilience of its general-news, crime-and-justice digital infrastructure.
