Skip to main content

U.S. federal court system cyberattack is worse than previously thought

A cyberattack incident that involved the U.S. federal court system infrastructure has been proven to be an “incredibly significant and sophisticated” attack.

This statement is a stark difference from the one initially provided when the situation occurred in 2020.

A large monitor displaying a security hacking breach warning.
Stock Depot/Getty Images

As reported by TechRadar, the attack itself was confirmed in January 2021 via a hearing from the judiciary committee, with its chairman Jerrold Nadler stating that a data breach was indeed successfully carried out by threat actors.

Upon further investigation, it seems the cybersecurity event was considerably more impactful than the government initially discovered.

Nadler stressed that the committee only started to uncover the “startling breadth and scope of the court’s Document Management System security failure” in March 2022.

“And perhaps even more concerning is the disturbing impact the security breach had on pending civil and criminal litigation, as well as ongoing national security or intelligence matters,” he continued.

He also stated that the hack has resulted in “lingering impacts on the department and other agencies.”

An official from the justice department was questioned about what sort of investigations, types of cases, and attorneys were affected most by the breach. However, the individual could not provide an adequate answer. “This is, of course, a significant concern for us given the nature of information often held by the courts,” he added.

A digital depiction of a laptop being hacked by a hacker.
Digital Trends Graphic

Another government figure, Sheila Jackson Lee, asserted that the discovery of the actual impact of the attack is a “dangerous set of circumstances.” Lee said that the justice department should share more information on the matter, such as the number of cases that have been influenced in any capacity, in addition to how many of these cases were outright dismissed.

TechRadar highlights how this specific cybersecurity incident is reportedly not related to the SolarWinds attack, even though they both materialized around the same time during 2020.

For reference, the SolarWinds attack has gone down in history as among the most impactful supply chain cyber attacks ever. The group and individuals behind the incident managed to extract Microsoft 365 login credentials from SolarWinds employees via phishing methods, as detailed by TechRadar.

An exposed patch was then deployed by the threat actors to hundreds of thousands of endpoints, which saw government agencies and several technology giants bearing the brunt of the impact.

In related governmental cybersecurity news, a bug bounty program revealed how one of the largest departments of the U.S. government — Homeland Security — discovered over 100 security vulnerabilities within external DHS systems.

Editors' Recommendations

Zak Islam
Computing Writer
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
Hackers are using fake WordPress DDoS pages to launch malware
A digital depiction of a laptop being hacked by a hacker.

Hackers are pushing the distribution of dangerous malware via WordPress websites through bogus Cloudflare distributed denial of service (DDoS) protection pages, a new report has found.

As reported by PCMag and Bleeping Computer, websites based on the WordPress format are being hacked by threat actors, with NetSupport RAT and a password-stealing trojan (RaccoonStealer) being installed if victims fall for the trick.

Read more
Google just thwarted the largest HTTPS DDoS attack in history
A depiction of a hacker breaking into a system via the use of code.

Google has confirmed that one of its cloud customers was targeted with the largest HTTPS distributed denial-of-service (DDoS) attack ever reported.

As reported by Bleeping Computer, a Cloud Armor client was on the receiving end of an attack that totaled 46 million requests per second (RPS) at its peak.

Read more
Hacking-as-a-service lets hackers steal your data for just $10
A depiction of a hacker breaking into a system via the use of code.

A new (and cheap) service that offers hackers a straightforward method to set up a base where they manage and perform their cyber crimes has been discovered -- and it’s gaining traction.

As reported by Bleeping Computer, security researchers unearthed a program called Dark Utilities, effectively providing a command and control (C2) center.

Read more