In 2025, there was a 17 percent increase in cyberattacks impacting public safety organizations globally. While new tactics like AI-led phishing began to drive more compromises, ransomware attacks remained the primary cybersecurity threat to the sector in terms of operational impact. These findings highlight the growing challenge for agencies to stay ahead of increasingly diverse and aggressive threat actors.
The new 2025 Public Safety Cyberattack Report from the Public Safety Threat Alliance (PSTA) provides a detailed look at these findings, along with insights on major threats seen over the past year. This research combines global data and insights from security experts to give a clear view of today’s risks. By understanding these trends, agencies can better prepare for the new challenges expected to emerge in 2026.
How cyberattack trends evolved in 2025
According to the report, the total number of recorded incidents increased from 328 in 2024 to 382 in 2025. This growth was mostly driven by a large increase in data breaches and distributed-denial-of-service (DDoS) attacks. These attacks involve flooding a network with fake traffic until it crashes or becomes too slow to use. While attacks increased worldwide, different regions faced different types of cyber threats.
In Europe, the biggest trend was hacktivism, with attacks nearly doubling last year. These incidents mostly targeted public websites in countries such as Germany and France, causing temporary service disruptions.
In North America, ransomware remained the primary threat to local city and town governments. Threat actors often opportunistically attack these organizations because they have large and often underprotected networks that are frequently connected to many different public services, which can eventually give threat actors a path into emergency tools like dispatch.
Computer-Aided Dispatch (CAD) remains a primary target for disruption
In 2025, Computer-Aided Dispatch (CAD) systems were the most impacted mission-critical technology from cyberattacks, accounting for 66 percent of all such incidents. These disruptions frequently forced dispatchers to revert to manual pen-and-paper methods, significantly hindering emergency response efficiency.
Most of these disruptions start as a general attack on a city’s main computer network. From there, threat actors find a path to gain unauthorized access to the private systems used by police and fire departments.
Artificial intelligence is accelerating cyber threats to public safety
Artificial intelligence became a standard component of the adversary toolkit in 2025. Threat actors are now leveraging generative AI to craft highly authentic English-language phishing emails and websites, effectively lowering the technical barrier for low-sophistication attackers. This surge in AI-driven content is the primary reason phishing has overtaken credential abuse to become the top tactic for gaining initial access to public safety networks.
Looking ahead to 2026, PSTA analysts assess that threat actors will continue to use AI to quickly uncover and target hidden mission-critical systems that were previously much harder to find, such as emergency dispatch and public safety networks.
Prepare for 2026 with a collective defense
As cyberattacks become faster and more frequent, the report suggests that the best way for agencies to prepare is by working together. Facing AI-driven threats alone is difficult, so building a “collective defense” is essential for staying ahead of new tactics.
Join the PSTA
The most effective step an agency can take is to join a threat-sharing community like the PSTA. The Public Safety Threat Alliance (PSTA) is a no-cost information sharing and analysis organization (ISAO) dedicated to the security of the global public safety community. Recognized by the Cybersecurity and Infrastructure Security Agency (CISA), the PSTA acts as a central hub for cyber threat intelligence, providing its members with actionable analysis, monthly briefings and automated threat feeds to strengthen their collective defense.
Membership is available to all public safety agencies and organizations, including nonprofits and private sector partners, offering a secure platform to collaborate and share insights that protect the systems our communities rely on every day.
By sharing your own cybersecurity experiences and learning from the challenges other agencies have faced, you help improve the awareness and incident response readiness of the entire public safety community.
Staying informed through regular threat reports and expert analysis allows your team to better protect the tools you rely on most. In 2026, staying connected to a network of peers will be just as important as the technology you use to defend your systems.
