Politico: Cyber breaches pose serious risks to the US judicial system
The electronic filing system used by the US federal judiciary has been the target of a widespread cyber breach that is believed to have exposed sensitive information related to cases in several US states, two people familiar with the incident told Politico.
According to Politico, the previously undisclosed breach is feared to have compromised the identities of confidential informants involved in criminal cases in several federal courts, according to the two sources, who requested anonymity because they were not authorized to speak publicly about the incident.
One of the sources told the website that the Administrative Office of the US Courts, which manages the federal court filing system, first became aware of the seriousness of the problem around July 4.
However, this office, along with the Department of Justice and various federal courts across the country, are still trying to determine the extent of the breach.
The identity of the party that carried out the attack remains unknown, with suspicions that entities linked to foreign states or sophisticated criminal organizations were involved.
The FBI referred inquiries to the Department of Justice, which hadn’t issued any official comment at the time of Politico’s preparation of this report.
It’s not yet clear though how the hackers were able to infiltrate, but the cyber-attack targeted the judiciary’s electronic “Central Case Management System,” which consists of two interconnected systems: the Case Management/Electronic File System (CM/ECF), which lawyers use to submit and manage case documents, and the Public Access to Electronic Records (PACER), which allows the public limited access to the same data.
According to Politico, this system—in addition to data on witnesses and defendants cooperating with law enforcement—contains other sensitive information that could be of interest to foreign entities or criminals, such as sealed indictments containing non-public information about alleged crimes, and arrest and search warrants that suspects could use to evade arrest.
This cyber-attack reveals the fragility of the US judicial system’s digital infrastructure, according to Politico.
During a judicial conference in Kansas City last week, judges from the Eighth Judicial Circuit—which includes states such as Missouri, Minnesota, and Iowa—were briefed on the incident.
The session was attended by Judge Robert Conrad, Director of the Administrative Office of the Federal Courts, and Supreme Court Justice Brett Kavanaugh, who didn’t address the breach in his remarks.
This cyberattack reveals the fragility of the US judicial system’s digital infrastructure, according to Politico.
In previous testimony before the House Judiciary Committee, Judge Michael Scudder, chairman of the Judicial Information Technology Committee, described the country’s two central electronic case management systems for the judiciary as “outdated, outdated, and unsustainable due to cybersecurity risks, requiring their replacement”.
It’s worth noting that this isn’t the first time the federal judicial system has been subjected to a cyberattack.
Back in 2020, three foreign hacking groups breached the same system, in an incident described at the time as shocking.
The extent of this connection to the current breach is still under investigation.
