US federal courts hit by "incredibly significant" cyberattack

News
By Sead Fadilpašić
published

The two years old attack was a lot bigger than first thought

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)

A 2020 cyberattack against the US federal court system ended up being far more damaging than initially thought, and has now been labelled, “incredibly significant and sophisticated” by a US congressman.

A hearing at the House Judiciary Committee saw Chairman Jerrold Nadler (D-NY) touch upon a data breach that was first publicly disclosed by the Administrative Office of the Courts, in early January 2021. 

Nadler is now saying that the breach was a lot more impactful.

Impacted cases

"It was only in March of this year the committee first learned of the startling breadth and scope of the court's Document Management System security failure,” Nadler said. “And perhaps even more concerning is the disturbing impact the security breach had on pending civil and criminal litigation, as well as ongoing national security or intelligence matters."

Since then, the incident has had “lingering impacts on the department and other agencies," he added. 

He further asked Justice Department official Matt Olsen about the types of cases, investigations, and attorneys, most impacted by the breach, a question which Olsen couldn’t answer. "This is, of course, a significant concern for us given the nature of information often held by the courts," he said. 

Rep. Sheila Jackson Lee, (D-TX), argued that the findings were a “dangerous set of circumstances,” adding that the Justice Department needs to share more details about the number of cases impacted, and how many of those were dismissed.

Read more

> The SolarWinds hackers are back - and smuggling malware in Google Drive

> These are the best malware protection services right now

> Security bug left over 1,000 organizations open to ransomware, device hijacking

While this incident occured at roughly the same time as the notorious SolarWinds attack, the two are apparently unrelated events. 

The SolarWinds attack is generally perceived as one of the most devastating supply chain cyberattacks to ever occur. After investigating the incident, the US government blamed Russian state-sponsored threat actors for the attack. 

The group obtained Microsoft 365 login credentials from some SolarWinds employees through phishing, and used it to taint a patch for one of its products, while in development. The tainted patch was subsequently pushed to hundreds of thousands of endpoints around public and private sectors, infecting government agencies, as well as some of the largest tech companies in the world.

Via: ZDNet

Sead Fadilpašić
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.