Winona County Ransomware Attack Prompts Local Emergency

Published on January 28, 2026

Winona County is scrambling to dig out from a ransomware hit that knocked parts of its computer network offline and pushed local leaders to formally declare an emergency. While the county works behind the scenes with outside experts to figure out what happened and what was affected, officials insist the most critical services are still up and running.

What officials say

In a Friday press release, county officials said they had "recently identified and responded to a ransomware incident affecting our computer network" and immediately opened an investigation, according to Winona County. The county said it has brought in third-party cybersecurity and data-forensics specialists and is coordinating with local, state, and federal law enforcement while teams test and analyze systems. Officials publicly thanked those outside experts and urged residents to be patient as business-continuity plans are rolled out.

Local coverage reported that County Board Chair and Commissioner Chris M. Meyer signed a declaration of local emergency and that the county statement did not spell out exactly when the breach took place, as reported by KSTP. That reporting also placed Winona among several Minnesota jurisdictions that have been hit by cyber incidents over the past year.

Operations and response

County leaders say 911, fire, and other emergency-response services are still operating while staff run tests to gauge how far the outage extends. Local television reporting also noted that county IT staff are working alongside outside forensics firms as systems are gradually brought back online, according to KTTC. In the meantime, county offices have activated business-continuity measures to keep essential services moving while nonessential systems remain offline.

Closed session and next steps

The county has posted notice that the board will meet in a closed session on Tuesday at 5:30 p.m. to discuss networking infrastructure at the County Office Building at 202 West Third Street, according to Winona County. The session will be held under a Minnesota statute that permits closed-door discussions of security matters. Officials say they plan to share more information publicly as the investigation moves forward and they learn more about the impact.

How this fits into a larger trend

Winona’s ransomware trouble comes as municipal cyber incidents continue to surge across Minnesota and the rest of the country. Last summer, a major cyberattack in St. Paul led officials to shut down systems and call in the Minnesota National Guard’s cyber protection team, a move that highlighted how quickly local government services can be thrown into chaos, according to The Guardian. Security experts have warned that smaller counties often face the greatest risk because of aging technology and tight IT budgets.

What residents should know

Winona County says it will keep residents updated as the probe continues, and local reporting has urged people to follow official county channels for the latest on service changes and guidance, according to the Post Bulletin. For now, emergency responders remain reachable, and county officials are asking residents to rely on phone lines or visit in-person offices for urgent business until the affected systems are fully restored.