Cyberattacks on U.S. Courts: Vulnerabilities, Impacts, And Response Strategies

As cyber threats grow more sophisticated, U.S. courts are increasingly targeted by cybercriminals, exposing significant vulnerabilities in judicial systems. These attacks disrupt court operations and have broader implications, affecting employers who rely on public records for criminal background checks. Understanding the nature and impact of these cyberattacks underscores the urgent need to bolster cybersecurity measures within the judiciary to protect sensitive information and maintain public trust.

Los Angeles County Superior Court Attack

In July, Los Angeles County Superior Court, the largest unified superior court in the United States, fell victim to a ransomware attack. This incident forced the closure of all 36 courthouses on the following Monday to address the breach that had affected the court's case management systems, including the My Jury Duty Portal and its main website.

In a statement, Presiding Judge Samantha Jessner described the attack as "unprecedented," necessitating a complete shutdown of network systems to contain the damage, protect data integrity, and ensure future network stability. The court worked diligently to resolve the issue, restoring systems by July 19.

Fulton County, Georgia, Ransomware Attack

Not far behind in scale and impact, Fulton County, Georgia, which includes most of Atlanta, experienced a significant ransomware attack in late January. The attack, claimed by the ransomware group LockBit, suspended most government services, affecting everything from issuing vehicle registrations and marriage licenses to the court's ability to process legal documents online. If their demands were unmet, the hackers threatened to release sensitive data, including potentially high-profile information related to ongoing criminal cases. Despite these threats, Fulton County officials refused to pay the ransom and have been working to restore systems and services. More than a month after the attack, some services remain disrupted, highlighting the long-lasting impact of such cyber incidents on local government and judicial operations.

Kansas Court System Breach

In October, the Kansas Office of Judicial Administration detected unauthorized activity on its network and took immediate action to protect its systems and data. The office worked with cybersecurity experts to investigate the incident, confirming that some files had been exfiltrated. The review process to determine the specific information affected and identify impacted individuals took until May due to the complexity of the data, which required manual review. In May, Kansas courts began notifying affected individuals and offered credit monitoring and identity recovery services. The detection of the breach was immediate, and recovery efforts were ongoing. Since the incident, Kansas courts have enhanced their security measures to provide even greater protection for their network and information systems.

Pennsylvania State Courts Disruption

In February, Pennsylvania's state courts suffered a distributed denial-of-service (DDoS) attack, disrupting critical online services such as access to online docket sheets and the electronic case document filing portal. While recovery was swift, this incident highlighted the vulnerability of court systems to disruptions that can significantly impede judicial processes.

Alaska, Georgia, and Texas: Lessons Learned

Other states have faced similar challenges. In April 2021, the Alaska Court System endured a ransomware attack that required the court to operate offline for about a month, using manual processes like fax machines and phone calls. Georgia's court system was hit in June 2019 and Texas in May 2020, each experiencing significant disruptions. These incidents prompted a reevaluation of IT infrastructure, leading to cloud migrations and the implementation of enhanced cybersecurity protocols to safeguard judicial operations.

Impacts on Employers Conducting Background Checks

Cyberattacks have significant repercussions for employers who rely on court records to conduct criminal background checks. When local courts are offline, or their data is compromised, employers face delays in obtaining essential information, which can impact hiring processes. Employers are advised to diversify their sources of information, including utilizing statewide criminal repositories, to mitigate these challenges. However, it's important to note that these repositories may experience latency in updates, potentially causing gaps in criminal history searches. Additionally, incorporating social media searches can provide a more holistic view of a job applicant. Once courts have reopened, rescreening, recurring screening, and criminal history monitoring can serve as effective risk mitigation strategies. Effective communication with clients and stakeholders remains crucial to managing expectations and maintaining transparency during these disruptions.

Federal Response to Cybersecurity Threats

The risk of cyberattacks on the judicial system is not new. Recent warnings from two federal judges before a U.S. Congressional panel emphasized the vulnerabilities within the judiciary's aging computer systems and the pressing need for modernization and increased security funding. U.S. Circuit Judge Amy St. Eve, chair of the Judicial Conference of the United States' budget committee, pointed out that years of under-investment have left the judiciary vulnerable. U.S. District Judge Roslynn Mauskopf, director of the Administrative Office of the U.S. Courts, noted a "sharp increase" in cyberattacks targeting the judiciary, warning that these threats pose risks not only to the justice system but also to the integrity of democracy.

In response to these growing threats, the federal judiciary requested $8.6 billion in discretionary funding for the 2023 fiscal year, a 7.2% increase from the previous year. This includes $403 million for IT security and modernization and $786 million for court security, reflecting the heightened threats to federal judges and courthouses. As cyber threats continue to evolve, it is likely that funding requests will continue to rise, particularly in areas like IT security and court security, to address ongoing challenges and support necessary modernization efforts.

Challenges for State and Local Courts

While the federal judiciary can seek substantial funding to enhance cybersecurity, state and local courts often operate with much smaller budgets, making investing in robust security measures difficult. These courts handle the majority of everyday legal proceedings and contain vast amounts of sensitive personal information, yet may lack the resources to implement comprehensive cybersecurity strategies. This discrepancy highlights a critical issue: as cyber threats become more sophisticated, the need for cybersecurity investment extends beyond the federal level. State and local courts face significant risks if they cannot adequately protect their data, potentially leading to far-reaching consequences for the justice system and public trust.

Parting Thoughts

The judiciary's role as a custodian of some of the nation's most sensitive information makes cybersecurity an essential priority. The testimonies of Judges St. Eve and Mauskopf underscore the urgent need to modernize and protect critical judicial data. As cyberattacks evolve, both federal and state judicial systems must prioritize cybersecurity, ensuring the integrity of their operations and maintaining public trust. Without adequate investment, particularly at the state and local levels, the judicial system may remain vulnerable to increasingly sophisticated cyber threats, posing risks to individual court cases and the broader principles of justice and democracy.

Release Date: September11, 2024