What to Do When the Government Gets Hacked

Written By Ini Augustine

During the last week of July 2025, the city of Saint Paul was hacked, exposing the personal data of state employees and leading to a citywide shutdown of government services. Wireless internet and web-based services in city buildings shut down, effecting government resources like public libraries. As of August 5th, certain city systems were still not back online, and now the North Saint Paul Sherriff’s Department has also been hacked. A state of emergency has been declared, the National Guard was activated, and the FBI is currently investigating this "deliberate, coordinated digital attack."

This is the latest in an increasingly prevalent trend of cyberattacks that have been sweeping the country. Government systems are often vulnerable targets themselves, which is why it is all the more important for individuals to take action to mitigate harm wherever possible. This article will explain common types of cyberattacks and specific actions you can take to protect yourself and your connected networks from them.

An computer screen shows a pop-up window alert with a yellow triangle with an exclamation mark and text that reads “System Hacked.”

Due to the sensitive nature of data contained in government systems, hacking and data breaches have become an accepted aspect of state operations, representing a new form of warfare. One of the most famous examples was the Stuxnet virus discovered in 2010, after it was found targeting “Supervisory Control and Data Acquisition” (SCADA) systems, which consist of network communications and user interfaces that control high-level machines and processes. Stuxnet is a cyberweapon that was specifically used to sabotage Iran’s nuclear program and had widespread effects beyond its intended target. Using Microsoft Windows to spread throughout the affected network, it infected over 200,000 computers, and caused 1,000 computers to physically degrade once infected with this virus. 

A network of computer desktops and their files connected to a globe in the center a large light blue web, all over a black background.

Since then, these types of attacks have also hit the United States. In 2023 alone, multiple US cities and municipalities were exposed to ransomware attacks and data breaches due to vulnerabilities in government websites and employee databases. In April of that year, the city of Chicago was subjected to a data breach that took advantage of a weakness in the city’s water billing system, which resulted in a personal data leak of over 50,000 residents. Though government systems may be vulnerable to attack, as a citizen you are still able to take mitigating steps toward ensuring your data is protected when and if your city is affected.

Have questions? Book a no-obligation consultation with a cybersecurity professional:

What do these attacks look like? Here is a breakdown of common cyberattacks:

  • Phishing - a type of cyberattack where the attacker sends an email or text message appearing to be from a legitimate source (such as your bank or employer). This message will contain an outside link or attachment that when clicked downloads harmful malware onto the unsuspecting victim’s device.

  • Malware - a type of software specifically designed to damage or disable a device. As mentioned above, malware may be spread through phishing links, email attachments, or by visiting infected websites.

  • Ransomware - a type of malware that encrypts a victim’s files and demands a payment (ransom) to decrypt them for the user.

  • Data Breach - a type of cyberattack where sensitive data (such as financial information, personal addresses or login credentials) is stolen from a computer system. They can be caused by hacking, malware, phishing and other factors.

  • Zero-Day Attack - a severe type of cyber attack that exploits a vulnerability or security hole in a computer system, unknown by a company or even web developers who could potentially mitigate attacks. Until the vulnerability is repaired, any attacker with access can exploit it.

Green text shows binary code over a black background, while in the center of the foreground, four pad locks are floating, three of which are shown locked and the fourth is unlocked.

What can be done? Any reputable cybersecurity systems should provide regular updates on new threats. It is recommended that company HR departments should conduct training on internet scams, viruses, and ransomware at least twice a year. Many hackers reuse past hacking methods, which makes it crucial to stay informed and on top of historical threats rather than solely focusing on new and novel ones. 

While individuals may feel powerless against state-sponsored attacks, everyone can take preventative steps to mitigate risk of cyberattack. Technologist Computers offers training and services to help you uncover your own vulnerabilities and tailored solutions to strengthen your cybersecurity posture.


Want to get started? Schedule your free consultation to assess your cybersecurity needs today:

Ini Augustine
Next

Celebrating Success: How Technologist Computers Helped Launch Maternal Care Clinic