Could a Cyber Attack Silence 911’s Lifeline When Every Second Matters?

On May 19, 2025, Morgan County, Alabama, experienced a targeted cyber-security incident that disrupted the administrative systems of its 911 call center for multiple days. While core dispatch capabilities—call history, CAD processing, and radio communications—remained online, remote agency workstations were isolated and the inmate-roster functionality went offline when IT leadership severed network links as a containment measure.

Read the story here. 

InfoSight, Inc. Recommended Mitigation Solutions

• Comprehensive Vulnerability Assessment & Penetration Testing
  Execute a full audit of the 911 center’s administrative and dispatch network segments to identify exploitable gaps. Leverage InfoSight’s threat-driven pen tests to validate resilience and harden configurations.

• 24×7 SOC-as-a-Service with Real-Time Threat Intelligence
  Deploy our managed SOC to ingest telemetry from firewalls, endpoint agents, and CAD servers—enabling detection of anomalies, rapid triage, and proactive threat hunting across the emergency-services estate.

• Zero Trust Network Segmentation
  Enforce strict micro-segmentation between administrative systems, dispatch operations, and remote-agency endpoints. Adopt least-privilege access controls and continuous policy validation to block lateral movement.

• Secure Remote Access & Multi-Factor Authentication
  Replace ad-hoc VPN connections with a hardened access gateway offering MFA, device posture checks, and session logging—ensuring only authorized personnel can view or interact with dispatch consoles.

• Managed Patch & Configuration Hardening
  Implement InfoSight’s patch orchestration for Windows and network appliances, coupled with CIS-benchmarked configuration baselines, to eliminate known vulnerabilities before adversaries can exploit them.

• Resilient Backup & Rapid Recovery Architecture
  Design and test immutable backup workflows for mission-critical data (inmate rosters, warrant lists, call logs) with automated failover to an alternate datacenter or cloud instance—minimizing downtime during an incident.

• Incident Response Planning & Tabletop Exercises
  Develop and rehearse a tailored incident-response playbook for the 911 environment, incorporating escalation protocols, forensic evidence collection, and stakeholder communication plans to streamline recovery.

• Security Awareness & Phishing Resilience Training
  Conduct role-based training for dispatch operators, IT staff, and remote-agency users—focusing on spear-phishing simulations, credential-hygiene best practices, and rapid-reporting workflows.

By integrating these measures into a defense-in-depth posture, Morgan County can shore up administrative systems, safeguard core dispatch operations, and ensure operational continuity for its critical 911 services.

Contact our expert Advisory team to set up a call today.