fbpx
facebook app symbol  twitter  linkedin  instagram 1
 

NEWTOWN, N.D. — On April 28, the Three Affiliated Tribes—the Mandan, Hidatsa & Arikara Nation—announced to its staff and employees that its server was hacked and believe it was by malicious software called ransomware. Since the server was hacked, the tribe has been unable to access files, email and critical information. 

Ransomware is a type of malware from crypto-virology that threatens to publish data or perpetually block access to it unless a ransom is paid, according to the Department of Homeland Security. The Federal Bureau of Investigation estimates that there are 4,000 ransomware attacks launched every day. An attack is launched every 40 seconds.

“MHA's management information system has been exposed to an external cyber security issue and we have formulated a team of experts to assist our analysis and have coordinated with external government entities as well,” said MHA Nation Tribal Chairman Mark Fox in an email to Native News Online. 

A memorandum was sent to all Three Affiliated Tribes employees on April 28 with information that the hack was associated with ransomware. “One thing it does is gets in the system and switches file locations and file names,” said Mandan, Hidatsa & Arikara Chief Executive Officer Scott Satermo in the memorandum. “Share this text, call, or use other methods as we have no way of sending an email notification at this time.” 

“Please refrain from using your work computers,” said MHA CEO Satermo in a memo dated May 3, 2021 to all Three Affiliated Tribe employees. “A cyber security team is on site and we will begin the process of cleaning computers.”

“Ransomware is running rampant in governments throughout the world,” said National Association of State Chief Information Officers (NASCIO) Director of Policy & Research Meredith Ward in an email to Native News Online. “Many local governments have been hit very hard.” 

NASCIO is a 501c (3) (h) nonprofit with a primary objective in the advocacy and policy arena to provide policy-makers with insight and recommendations regarding the implications of technology-related legislation, regulations, policies and proposals. According to a study published by NASCIO on Oct. 14, 2020, 30 states said financial fraud was a leading cause of breaches in the past year compared to 10 states in 2018. Leading causes of breaches continue to be from external sources: malicious code (68 percent), web applications from external sources (81 percent), and “hacktivism” (86 percent), which is on the rise.

Although ransomware attacks may seem common, they are not widely reported among tribes. To date, there is no database with statistics if, and how often, tribes are affected by cyberattacks. According to the Cybersecurity & Infrastructure Security Agency (CISA), ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid. In recent years, ransomware incidents have become increasingly prevalent among the nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations.

In 2019, the Eastern Band of Cherokee’s network was shut down due to a cyberattack. An Eastern Band of Cherokee tribal member, who was also employed by the tribe, was arrested. The individual was arrested for “tampering with public records and obstructing government functions.” Eastern Band of Cherokee Principal Chief Richard Sneed called the incident “an act of domestic terrorism.” The Federal Bureau of Investigation, the Department of Homeland Security and the North Carolina State Bureau of Investigation assisted tribal police in the investigation. 

The Department of Homeland Security was contacted for more information. “Your best contact may be the tribe itself to see what federal assistance it has sought and what information it is willing to release,” said Department of Homeland Security Director of Tribal Government Affairs David Munroe in an email to Native News Online.

On March 22, 2021, Native News Online reported that the Department of Interior reversed a Trump-era decision that determined a portion of the Missouri River on the Fort Berthold Indian Reservation would belong to the state of North Dakota. The decision came days after Laguna Pueblo Debra Haaland was sworn in as the first American Indian to serve as secretary of the Interior Department. The move could potentially bring billions of dollars of revenue to Mandan, Hidatsa and Arikara tribal members.

U.S. Congress is evaluating bills such as the State and Local Cybersecurity Improvement Act. If approved, the Act will allocate several billion in funding to cybersecurity for state, local governments, and $25 million for tribal governments via the Cybersecurity and Infrastructure Security Agency (CISA). It was read in the House Committee of Homeland Security in September 2020 and passed the House on a bipartisan voice vote, but remains stalled in the Senate. 

Covid-19 has forced millions of Americans to migrate their everyday activities to the online world, increasing the possibility of cyberattacks. 

More Stories Like This

Native News Weekly (August 25, 2024): D.C. Briefs
Native News Weekly (August 4, 2024): D.C. Briefs
Native News Weekly (December 22, 2024): D.C. Briefs
Federal Government Shutdown Averted: How Native Americans in Congress Voted
CALL TO ACTION: The Truth and Healing Commission on Indian Boarding School Policies Act Needs Immediate Action

Can we take a minute to talk about tribal sovereignty?

Sovereignty isn't just a concept – it's the foundation of Native nations' right to govern, protect our lands, and preserve our cultures. Every story we publish strengthens tribal sovereignty.

Unlike mainstream media, we center Indigenous voices and report directly from Native communities. When we cover land rights, water protection, or tribal governance, we're not just sharing news – we're documenting our living history and defending our future.

Our journalism is powered by readers, not shareholders. If you believe in the importance of Native-led media in protecting tribal sovereignty, consider supporting our work today. 

Right now, your support goes twice as far. Thanks to a generous $35,000 matching fund, every dollar you give during December 2024 will be doubled to protect sovereignty and amplify Native voices.

No paywalls. No corporate owners. Just independent, Indigenous journalism.

About The Author
Author: Darren ThompsonEmail: This email address is being protected from spambots. You need JavaScript enabled to view it.
Darren Thompson (Lac du Flambeau Ojibwe) is a staff reporter for Native News Online who is based in the Twin Cities of Minnesota. Thompson has reported on political unrest, tribal sovereignty, and Indigenous issues for the Aboriginal Peoples Television Network, Indian Country Today, Native News Online, Powwows.com and Unicorn Riot. He has contributed to the New York Times, the Washington Post, and Voice of America on various Indigenous issues in international conversation. He has a bachelor’s degree in Criminology & Law Studies from Marquette University in Milwaukee, Wisconsin.