skip to content
Primary navigation

Securing the State: What is the Threat to Minnesotans?

Minnesota IT Services supports more than 35,000 users and secures the private data of 5.5 million Minnesotans. We also serve Minnesotans by connecting all 87 counties, 300 cities, and 200 public higher education campuses across the state. At this moment, information security is facing unprecedented challenges and extraordinary opportunities. Advanced attacks are becoming more sophisticated and more common, testing the limits of existing capabilities. The push to digitize government compounds this problem, significantly expanding the volume of sensitive data vulnerable to attack.

  • We must secure Minnesota’s IT systems. Our technology systems keep state government running. If they go down due to cyber-attacks or other issues, millions of Minnesotans’ private data, over $28 billion in annual transactions, and over 300,000 daily transactions are at risk.

  • A major cyber-attack could jeopardize public safety and disrupt Minnesotans’ daily lives. Nearly every critical government function and service relies on IT. Outdated or unsupported technology puts essential functions at risk.

  • Minnesota IT Services’ plan to solidify the state’s cyber-defenses must be funded and implemented aggressively. Minnesota IT Services’ plan is to reduce the attack surface by consolidating state systems in highly-secure enterprise-level data centers and implementing shared advanced security and monitoring tools.

  • The cost of doing nothing is too great. The cost of failing to bolster our cyber defenses could be staggering. A “South-Carolina-sized” breach would require the state to pay millions in identity theft protection costs, lead to millions of dollars in consumer fraud losses, and significantly diminish public trust in state government.

Fast Facts & Figures

1,300
Locations

icon of the State of Minnesota

We secure and manage systems at over 1,300 locations across Minnesota.

3 Million
Times

icon of a pad lock

The State of Minnesota’s systems are probed and scanned more than 3 million times each day.

150
Countries

icon of the earth

Every day, we face constant global threats originating from more than 150 countries.

High Profile Cybersecurity Incidents

These cybersecurity incidents are just a few examples of the kinds of threats currently facing the state of Minnesota – threats that are only growing in sophistication and precision.

Atlanta. On March 22, 2018, a ransomware attack hit the city of Atlanta’s computer systems, demanding payment for the release of encrypted data. The attack affected internal programs and customer-facing applications that allowed residents to pay bills. A week later, the city could not process new water service requests online, and citizens who needed to finalize issues or pay fines at the Atlanta Municipal Court were being turned away. At this time, the extent of the attack is unclear.

Mecklenberg County. On December 5, 2017, a ransomware attack hit Mecklenburg County in North Carolina, slowing services as county workers implemented paper processes to keep work flowing. The hackers demanded payment and limited residents’ abilities to apply for vacant county jobs, pay property taxes, register deeds, perform air quality services, complete building code inspections, make park reservations, enforce child support, and make automated payments. Services took around one month to be fully restored.

Equifax. As one of the nation’s three credit reporting agencies, Equifax housed millions of American’s sensitive data. From mid-May through July 2017, hackers accessed people’s names, Social Security numbers, birth dates, addresses, driver’s license numbers, and some credit card information. 147.9 million US consumers were impacted by this incident, with details continuing to emerge months later about the extent of the impact.

WannaCry. This May 2017 worldwide ransomware attack targeted computers running on Microsoft Windows operating systems and demanded bitcoin ransom payments. This attack spread quickly as it encrypted data on at least 75,000 computers in 99 countries. Notably, the National Health Service hospitals in England and Scotland were rendered unable to access patient data, and some ambulances were diverted and patients were turned away as a result.

Guccifer. Guccifer is the moniker for a Romanian hacker named Marcel Hele Lazar, who targeted public figures, government leaders, business executives, and celebrities in the United States and abroad. He accessed personal email and social media accounts belonging to around 100 Americans, stored their personal data, and sold it to media outlets. His admitted victims include an immediate family member of two former US presidents, a former member of the US Cabinet, a former member of the US Joint Chiefs of Staff, and a former presidential advisor. On September 1, 2016, he was sentenced to 52 months in prison for unauthorized access to a protected computer and aggravated identity theft.

back to top