Federal courts hit by ‘large and sophisticated’ cyberattack in 2020
The U.S. federal justice system was hit by a major cyber breach in 2020, unrelated to the SolarWinds attack, which a U.S. congressman on Thursday called “incredibly significant and sophisticated.”
To House Judiciary Committee hearingChairman Jerrold Nadler, D-NY, noted that the Courts Administrative Office issued a public statement about the violation on January 6, 2021. However, he said, “It wasn’t until March of this year that the committee learned for the first time of the startling scale and scope of the security failure of the court’s records management system.And perhaps even more disturbing is the disturbing impact of the security breach on the pending civil and criminal litigation, as well as pending national security or intelligence matters.
The breach, Nadler said, “has had lingering impacts on the department and other agencies since then.”
Nadler asked Justice Department official Matt Olsen what types of cases, investigations or US law firms were most affected by the breach.
Olsen, assistant attorney general in the Justice Department’s National Security Division, said he could not speak directly about the nature of an ongoing investigation into efforts to compromise public court records.
“This is, of course, a significant concern for us given the nature of information often held by courts,” he said.
Rep. Sheila Jackson Lee, D-Texas, said the committee needs to know from the Justice Department how many cases were affected and how many were dismissed.
“This is a dangerous set of circumstances,” she said.
The massive SolarWinds attack, backed by the Kremlin, targeted a wide range of US entities – nine federal government agencies, including the Treasury Department and Commerce Department, as well as 100 private sector organizations. The attackers infiltrated these organizations in part by inserting malware into the Orion computer monitoring platform, a SolarWinds product. The malware was distributed via software updates sent to SolarWinds customers between March and June 2020.