Bucks 911 Communications Center Protection Measures Taken

LOWER BUCKS COUNTY, PA —The Bucks County Board of Commissioners Wednesday approved a slate of resolutions related to last month’s cyber attack that crippled its Ivyland-based 911 Communications Center for more than a week.

A ransomware "Akira" attack brought the computer-aided dispatch (CAD) system fully offline last month before service was restored after a nine-day outage.

Officials said the incident remains under investigation by county, state, and federal authorities.

At its regular public meeting Wednesday, Commissioners approved resolutions that include contracts with cyber forensic and legal firms, as well as a Declaration of Disaster Emergency.

The measures provide formal approval of the county’s efforts to expedite restoration and enlist expert assistance in response to the Jan. 21 ransomware attack that rendered the CAD system temporarily inoperable.

Commissioners authorized a payment of $375,0000 Wednesday to CRA International Inc. of Boston for cybersecurity. The contract runs through 2027.

Ongoing payments of $1,000 per hour plus expenses were also authorized to DLA Piper LLP for legal services regarding the attack.

Emergency dispatchers’ use of the CAD system resumed Jan. 30 following days of intensive restoration efforts by staff of the County’s Information Technology and Emergency Communications Departments.

Officials said that at no time during the incident were the county’s 911 call-taking and dispatch abilities interrupted.

“The CAD took the County two years to build, and when a cyber attack took it offline, our team put the system back together in just nine days,” Commissioner Chairwoman Diane Ellis-Marseglia said. “We’ve still got more rebuilding to do, but we’re immensely proud of the work our staff has done so far, and we’re incredibly thankful for the assistance of our partner agencies and cybersecurity vendors.”

The county did not engage in negotiations with those claiming responsibility for the attack, nor did it pay any ransom to restore functionality to its systems.

Rather, the County’s IT and Emergency Communications departments’ meticulous cyber maintenance and backup practices were key to the system’s quick restoration.

Forensic investigations by the county and its partners have found no evidence that any data was copied or otherwise extracted from the CAD system.