Cyber Incident Victim: Tri County Public Safety network
Date: Mar 2021
Location: United States of America
Summary
A ransomware attack targeted the Tri County Public Safety network, impacting sheriff dispatch operations across three counties. The incident disrupted Computer-Aided Dispatch systems, prompting overnight mitigation efforts involving local vendors and a state cyber incident response team. While emergency 911 services in Albany County remained operational, all affected servers and desktops required comprehensive cleaning. Authorities successfully restored services by rebuilding systems from backups. No evidence suggests broader public safety communications were compromised beyond the initial dispatch infrastructure.
Description
On March 16, 2021, at approximately 9:30 PM, the Tri County Public Safety network serving Albany, Saratoga, and Rensselaer Counties in New York experienced a ransomware attack. The Albany County Sheriff’s Office confirmed the incident, noting immediate collaboration with technology vendors and the New York State Division of Homeland Security and Emergency Services (NYDHSES) Office of Counter Terrorism Cyber Incident Response Team to contain the breach. Response teams worked overnight to mitigate the attack’s effects, prioritizing the isolation of compromised systems. While emergency 911 services in Albany County remained operational throughout the incident, the attack disrupted Computer Aided Dispatch (CAD) systems, which are critical for coordinating first responders and managing emergency calls. All affected servers and desktops underwent comprehensive cleaning to remove malicious artifacts. The disruption temporarily hindered dispatch operations but did not cause a complete failure of emergency response capabilities.

Officials restored services by rebuilding systems from backups, a process that allowed gradual recovery of affected functions. The incident did not compromise public safety communications to the extent of disabling 911 access, though the CAD outage introduced operational delays. No evidence suggests data exfiltration or secondary attacks occurred beyond the initial ransomware encryption. The Sheriff’s Office did not disclose the ransomware variant used, the initial attack vector, or whether a ransom demand was issued. Service restoration efforts focused on ensuring system integrity before reactivating networks, with no reported residual impacts on dispatch operations after recovery. The coordinated response between county agencies and state cybersecurity personnel facilitated containment within a compressed timeframe.
