Cyber Incident Victim: South Shore Regional Emergency Communications Center
Date:
Aug 2025
Location:
United States of America
Summary
A regional emergency communications center experienced a cyberattack targeting a member community, disrupting its computer-aided dispatch system for approximately one day. The incident involved malware attributed to a group with Russian ties, prompting an investigation by federal and state law enforcement. While the automated dispatch software was rendered inoperable, dispatchers maintained uninterrupted 911 services using manual protocols without delays or missed calls. The attack's impact on confidential data remains undetermined as inquiries continue.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 2, 2025, at 9:30 a.m., staff at the South Shore Regional Emergency Communications Center (SSRECC) encountered severe disruptions affecting their Information Management Corporation computer-aided dispatch (CAD) software. Executive Director Aaron Smith characterized the event as an apparent cyberattack initially targeting one of SSRECC’s four member communities, though the specific municipality was not identified. Management immediately engaged their IT vendor, Multi Service Provider Global Data Systems (GDS), and contacted IMC, the CAD software provider, for technical support. Investigators rapidly concluded the outage resulted from an intentional act that rendered the CAD system inoperable. SSRECC notified all member communities of the incident and escalated reports to the FBI, Massachusetts State Police, and Commonwealth Fusion Center. The CAD system remained offline for most of the day, forcing dispatchers to revert to manual emergency response protocols, a contingency for which staff received regular training. Despite the disruption, SSRECC confirmed no 911 calls were missed or experienced processing delays during the attack, asserting callers would not detect operational differences between CAD-assisted and manual dispatch methods.
Forensic analysis identified a relatively new variant of malware with alleged connections to Russian-affiliated threat actors as the attack mechanism, though investigators did not disclose specific indicators of compromise or data exfiltration details. The center emphasized no confirmation of compromised confidential information at this preliminary investigation stage. Throughout the incident, SSRECC maintained uninterrupted 911 services and emergency response operations without public safety degradation. The Norwell Police Department joined the FBI and Massachusetts State Police in the ongoing investigation, which remained active as of August 5, 2025. SSRECC committed to releasing additional information as the inquiry progressed but provided no timeline for system restoration updates or final attribution findings.