- The US Federal Court Filing System recently suffered a cyberattack
- Initial reports claim Russia is at least partially to blame
- The attack targeted sealed court files
Russia has allegedly been linked to a worrying recent cyberattack against the US Federal Court Filing System.
Reporting from the New York Times (NYT), which said it spoke to people familiar with the matter, claims there is evidence Russia is at least partially responsible for the attack, which has been a “yearslong” effort to breach the system.
The reports added that the searches “included midlevel criminal cases in the New York City area and several other jurisdictions, with some cases involving people with Russian and Eastern European surnames.”
Hacking sealed files
A cyberattack against the system was most recently confirmed on August 7 by the Administrative Office of the US Courts. However, Politico reported that the system had been under attack by an unknown threat actor since early July.
Furthermore, across the US, chief judges of district courts were told to move cases with overseas ties off the regular document-management system.
An internal memo seen by the NYT, issued by administrators with the court system to Justice Department officials, clerks and chief judges in federal courts, stated that “persistent and sophisticated cyber threat actors have recently compromised sealed records,” and continued: “This remains an URGENT MATTER that requires immediate action.”
The Federal Court Filing System, like many filing systems, is a sprawling network that is continuously used and updated with new records, and was built on a system first developed in 1996.
As a result, the system is considered to have several serious vulnerabilities, and it was previously breached in 2020.
There is currently no known motive for the attack, but it is possible that, if Russian intelligence services are involved, they could be gathering intelligence on the potential compromise of assets in the US.
The same has been theorized about the telecoms breaches that hit the US in 2024, which were attributed to China. In these attacks, threat actors breached a backdoor used by law enforcement to pursue court-ordered wiretaps.