Public safety agencies across the U.S. recently received the warning – you’re at risk of a cyberattack.

FirstWatch – a company that monitors public safety systems for attacks and unusual activities - sent out an email alert on January 29, 2022, that cyberattacks against 911 centers, local governments, and medical facilities are ongoing and on the rise. The alert urges public safety agencies to immediately start working with their IT departments to ensure the safety and security of their systems. FirstWatch told the EMS One-Stop Podcast it took the unusual step of issuing an alert because they saw attacks go up by 35-40% than normal but also stay up over the course of 10 days.

Earlier in January, the FBI also issued an advisory regarding attacks coming from Russia and asked cybersecurity experts to be prepared. CNN reported two cyberattacks forced public schools in Albuquerque, NM to close and knocked out cameras at a local jail in January. But attacks against 911 and other local government systems are not new.

• In April 2020, ransomware hit the 911 center in Lawrence County, Tennessee.  The operations manager told WKRN-TV he noticed within minutes that files were encrypted and received a message from overseas with instructions on how to unlock them. The cyberattack didn’t affect radios or phone communications but it did knock down the computer-aided dispatch system (CAD). Dispatchers had to do manual logging and reporting.

• Also in 2020, the city of Durham, North Carolina was hit by a ransomware attack that took 80 servers offline and forced the city to take down its phone system. Because the city and county share some resources, the malware got into both networks, including the 911 PSAP systems. According to FirstWatch, “911, EMS, fire-rescue, Sheriff, and police were back to having to do manual dispatching and paper logs and reports."

• In 2019, ransomware hit 22 municipalities in Texas knocking down systems like utility payments and records like birth and death certificates.

• And going back to 2018, Baltimore became a victim of ransomware attacks that disabled some of the city’s 911 servers, including the CAD system. Just like in other places, dispatchers had to manually collect information.