OPINION:
America’s law enforcement agencies and departments are under siege, not by armed assailants but by cybercriminals. These threat actors are no longer just stealing data but actively disrupting the systems that keep communities safe. Through tactics such as ransomware attacks that cripple jail management systems or hackers infiltrating sensitive police networks, these digital assaults are derailing law enforcement operations, endangering officers and compromising critical investigations.
The good news is that there is a solution. Every day, hundreds of sheriff’s offices like mine rely on a national program called the Multi-State Information Sharing and Analysis Center to protect our communities’ digital backbones. The MS-ISAC provides critical resources to protect dispatch systems, jail networks, court records and 911 emergency communications.
Since January 2024, MS-ISAC services have prevented 57 cybersecurity incidents specifically targeting more than a dozen law enforcement organizations and blocked more than 40 million threat events across nearly 60 law enforcement organizations. Each of these incidents had the potential to cause significant disruption to communities across the country.
The bad news is that the federal government cut funding for these critical cyberdefense services earlier this year. If we lose access to this program, the ability of many state and local agencies to safeguard their communities will be greatly diminished.
Cybersecurity is more than zeros and ones flashing across a computer screen. When our systems go down, we don’t lose just data. We also lose time, trust and the ability to protect our citizens. Let me give you some recent examples.
In January 2024, cybercriminal group Purgatory was behind a swatting attack at the Albany International Airport. The callers reported a shooting and bomb threat, prompting a lockdown and deploying my officers to the airport. This tied up resources that could have been needed to respond to real emergencies elsewhere. Swatting incidents such as these are more than disruptive; they can have deadly consequences because of the confusion they cause among victims and responding law enforcement.
As students returned to campuses this year, swatting attacks hit more than 50 colleges and universities. Cybercriminals used an internet-based calling system to flood first responders with reports of an active shooter, and some calls even included sounds of gunfire. These attacks triggered campus lockdowns, diverted law enforcement resources and caused widespread panic among students, families and local communities. At least 10 of these calls were likely placed by Purgatory.
The nonprofit Center for Internet Security, which runs the MS-ISAC, informs law enforcement nationwide of these cyber-enabled threats, often within seconds of the first signs of threat activity. For many law enforcement officials, this kind of timely, relevant threat intelligence is not available anywhere else.
The Major County Sheriffs of America recently joined four other government agencies and sent a letter urging congressional leaders to reinstate federal funding for the MS-ISAC. We make a clear case: Small and rural communities, already stretched thin, will be hit hardest by the loss of federal support. Without the resources to build cyberdefenses on their own, these communities will be left vulnerable to foreign and domestic cyberattacks that would significantly disrupt the very day-to-day lives of citizens.
In March, President Trump signed an executive order shifting more responsibility for cybercrime prevention to states and localities. The president is right to recognize the importance of state and local governments in protecting America’s cybersecurity, but these state and local organizations need federal help to secure their communities. To better align with Mr. Trump’s goals, Congress should support funding for the MS-ISAC, which for decades has provided free or low-cost services to the entities that need them most.
Time is running out. Since the federal cuts took effect, the Center for Internet Security has been temporarily funding these critical cyberdefense services at more than $1 million monthly. That emergency funding will end on Sept. 30, making our state and local law enforcement operations easy targets for cybercriminals.
Cybersecurity is operational security, and the stakes are real. We need the federal government to fulfill its promise of protecting all citizens and restore funding for the MS-ISAC. Without it, law enforcement operations will become more susceptible to cyberattacks, putting the lives of our officers and communities at risk.
• Craig Apple is the sheriff of Albany County, New York. He was named 2024 National Sheriff of the Year by the National Sheriff’s Association.
Please read our comment policy before commenting.