BISMARCK – The North Dakota Department of Mineral Resources was attacked by ransomware last week, but the threat was identified quickly and files have since been restored.

A computer within the agency that regulates North Dakota’s oil and gas industry became infected with a type of malicious software known as ransomware that blocks access to a computer system until a sum of money is paid.

An employee noticed something was wrong last Thursday and the agency immediately shut down its servers, said department spokeswoman Alison Ritter.

The malicious software caused files to become encrypted, Ritter said. The department did not pay the fee that was requested to restore the files, which was initially $350, Ritter said.

The department has files backed up at an off-site location and the files were restored and brought back online within 24 hours, she said.

WDAY logo
listen live
watch live
Newsletter signup for email alerts

“Nothing was compromised. It just changes the format of the file,” Ritter said.

The North Dakota Information Technology Department is investigating.

At this time, investigators don’t believe the threat was targeting the North Dakota state network or government employees, said Cliff Heyne, enterprise communication program administrator for the Information Technology Department.

“These sorts of ransomware events are becoming more commonplace,” Heyne said. “It’s not specific to government, not specific to oil and gas.”

Heyne said ransomware attacks can be bad if files aren’t backed up, but in this case it didn’t cause any irrevocable damage and the response to the attack was quick.

“They identified it, isolated it, removed it and then all of the information was backed up,” Heyne said.