A 2020 cyberattack against the US federal court system ended up being far more damaging than initially thought, and has now been labelled “incredibly significant and sophisticated” by a US congressman.
A hearing at the House Judiciary Committee saw Chairman Jerrold Nadler (D-NY) touch upon a data breach that was first publicly disclosed by the Administrative Office of the Courts in early January 2021.
Nadler is now saying that the breach was a lot more impactful.
“It was only in March of this year the committee first learned of the startling breadth and scope of the court’s Document Management System security failure,” Nadler said. “And perhaps even more concerning is the disturbing impact the security breach had on pending civil and criminal litigation, as well as ongoing national security or intelligence matters.”
Since then, the incident has had “lingering impacts on the department and other agencies,” he added.
He further asked Justice Department official Matt Olsen about the types of cases, investigations, and attorneys most impacted by the breach, a question which Olsen couldn’t answer. “This is, of course, a significant concern for us given the nature of information often held by the courts,” he said.
Rep. Sheila Jackson Lee (D-TX) argued that the findings were a “dangerous set of circumstances,” adding that the Justice Department needs to share more details about the number of cases impacted, and how many of those were dismissed.
While this incident occurred at roughly the same time as the notorious SolarWinds attack, the two are apparently unrelated events.
The SolarWinds attack is generally perceived as one of the most devastating supply chain cyberattacks to ever occur. After investigating the incident, the US government blamed Russian state-sponsored threat actors for the attack.
The group obtained Microsoft 365 login credentials from some SolarWinds employees through phishing, and used them to taint a patch for one of its products while it was in development. The tainted patch was subsequently pushed to hundreds of thousands of endpoints across the public and private sectors, infecting government agencies, as well as some of the largest tech companies in the world.
Via: ZDNet