Critical infrastructure operators at the water treatment plant in Minot, North Dakota, were forced to resort to manual processes when its Supervisory Control and Data Acquisition (SCADA) system became inoperable as a result of a March 14, 2026, ransomware attack. The attackers are unidentified, but it comes in the wake of the war in Iran, and both Iran and China are known to lead cyber-attacks against water utilities, which often have vulnerabilities that make them easy targets. Last month, the Water Information Sharing and Analysis Center, along with information sharing organizations for the auto, aviation, food, health, IT, national defense, oil and natural energy, and retail and hospitality industries issued a Joint Advisory to their members, including water facilities, warning them of increased cyberattacks from Iranian hackers, as well as physical attacks against critical infrastructure entities. The warning concluded by stating that “the threat environment is likely to remain highly volatile.”

Minot’s water system provides water to approximately 80,000 users. Although the water supply and quality were not affected by the attack, operators were required to manually read gauges for 16 hours while they uninstalled the compromised SCADA system. It has taken Minot over two weeks to spin up a new server.  

Since water facilities are a target for nation state cyber actors, the state of New York recently introduced cybersecurity standards for both drinking and wastewater treatment facilities. Other states will hopefully follow suit so the water supply and quality available will be less vulnerable to attack.

Critical infrastructure operators should be aware of the heightened risk, prepare for an attack, and test their incident response processes through a cybersecurity tabletop exercise that is designed to address a shut down so processes can be improved and services restored as efficiently as possible. We all depend on the basic necessities of food, water, electricity, and access to financial services, all of which could be downed by an attack and dramatically impact our lives. We depend on critical infrastructure operators to have measures in place to prevent and mitigate the effects of an attack.

Photo of Linn Foster Freedman Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her…

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Read more about Linn Foster Freedman
Show more Show less