The US Federal Court Filing System has been breached - and all the fingers are pointing to Russia
Recent breach is allegedly the work of Russia

- The US Federal Court Filing System recently suffered a cyberattack
- Initial reports claim Russia is at least partially to blame
- The attack targeted sealed court files
Russia has allegedly been linked to a worrying recent cyberattack against the US Federal Court Filing System.
Reporting from the New York Times (NYT), which said it spoke to people familiar with the matter, claims there is evidence Russia is at least partially responsible for the attack, which has been a “yearslong” effort to breach the system.
The reports added that the searches “included midlevel criminal cases in the New York City area and several other jurisdictions, with some cases involving people with Russian and Eastern European surnames.”
Hacking sealed files
A cyberattack against the system was most recently confirmed on August 7 by the Administrative Office of the US Courts. However, Politico reported that the system had been under attack by an unknown threat actor since early July.
Furthermore, across the US, chief judges of district courts were told to move cases with overseas ties off the regular document-management system.
An internal memo, seen by NYT and issued by court system administrators to Justice Department officials, clerks and chief judges in federal courts, stated that “persistent and sophisticated cyber threat actors have recently compromised sealed records,” continuing with, “This remains an URGENT MATTER that requires immediate action.”
The Federal Court Filing System, like many filing systems, is a sprawling network that is continuously used and updated with new records, and was built on a system first developed in 1996.
As a result, the system is considered to have several serious vulnerabilities, and it was previously breached in 2020.
There is currently no known motive for the attack, but it is possible that, if Russian intelligence services are involved, they could be gathering intelligence on the potential compromise of assets in the US.
The same has been theorized about the telecoms breaches that hit the US in 2024, which were attributed to China. In these attacks, threat actors breached a backdoor used by law enforcement to pursue court-ordered wiretaps.

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.