US federal courts hit by "incredibly significant" cyberattack
The two years old attack was a lot bigger than first thought
A 2020 cyberattack against the US federal court system ended up being far more damaging than initially thought, and has now been labelled, “incredibly significant and sophisticated” by a US congressman.
A hearing at the House Judiciary Committee saw Chairman Jerrold Nadler (D-NY) touch upon a data breach that was first publicly disclosed by the Administrative Office of the Courts, in early January 2021.
Nadler is now saying that the breach was a lot more impactful.
Impacted cases
"It was only in March of this year the committee first learned of the startling breadth and scope of the court's Document Management System security failure,” Nadler said. “And perhaps even more concerning is the disturbing impact the security breach had on pending civil and criminal litigation, as well as ongoing national security or intelligence matters."
Since then, the incident has had “lingering impacts on the department and other agencies," he added.
He further asked Justice Department official Matt Olsen about the types of cases, investigations, and attorneys, most impacted by the breach, a question which Olsen couldn’t answer. "This is, of course, a significant concern for us given the nature of information often held by the courts," he said.
Rep. Sheila Jackson Lee, (D-TX), argued that the findings were a “dangerous set of circumstances,” adding that the Justice Department needs to share more details about the number of cases impacted, and how many of those were dismissed.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
While this incident occured at roughly the same time as the notorious SolarWinds attack, the two are apparently unrelated events.
The SolarWinds attack is generally perceived as one of the most devastating supply chain cyberattacks to ever occur. After investigating the incident, the US government blamed Russian state-sponsored threat actors for the attack.
The group obtained Microsoft 365 login credentials from some SolarWinds employees through phishing, and used it to taint a patch for one of its products, while in development. The tainted patch was subsequently pushed to hundreds of thousands of endpoints around public and private sectors, infecting government agencies, as well as some of the largest tech companies in the world.
- These are the best firewalls around
Via: ZDNet
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.