A water treatment plant serving the city of Minot, North Dakota, was targeted by ransomware two weeks ago. City officials confirmed the incident to **Recorded Future News**, emphasizing that the water treatment plant and all related facilities remained fully operational and safe throughout the event. ### Incident Details According to Jennifer Kleen, the city’s public information officer, the attack did not involve a direct demand for money or any interaction beyond a ransom note displayed on a screen. The incident has been reported to local, state, and federal authorities. When asked about the identity of the attackers, Kleen stated that the ransom note is now in the custody of the **FBI** as part of their investigation. The FBI has not yet commented on the matter. The ransomware attack was discovered on March 14, according to a notice from the city of Minot, which has a population of approximately 50,000. ### Response and Mitigation City officials responded by disconnecting the affected server and implementing manual procedures for approximately 16 hours. This involved frequent, on-site monitoring of water gauges. "During this event, we had two goals: To be sure our water remained safe, and to ensure proper pressure was maintained in all water storage facilities. Both goals were accomplished thanks to a timely response from all departments involved," the city's statement said. ### Growing Concerns Over Water Utility Security Water utilities have increasingly become targets of cyberattacks from both cybercriminals and nation-state actors. This is often attributed to insufficient funding for robust security measures. Some states have begun to address this issue by providing funding and implementing stricter cybersecurity regulations. However, water industry lobbyist groups have previously resisted federal efforts to establish basic cybersecurity rules. The issue has gained prominence due to recent campaigns by groups linked to **Iran** and **China** targeting the water sector. Federal officials have expressed concerns about a potential rise in cyberattacks on water utilities by Iranian groups, particularly those connected to the Islamic Revolutionary Guard Corps, which were responsible for attacks targeting U.S. water utilities in 2023 and 2024. While these incidents primarily involved defacements of utility technology, officials warned that attackers could exploit their access to gain deeper network-level access, potentially causing physical damage to equipment or other more serious consequences.