Adam Goldman, Glenn Thrush, and Mattathias Schwartz report:
Investigators have uncovered evidence that Russia is at least partly responsible for a recent hack of the computer system that manages federal court documents, including highly sensitive records with information that could reveal sources and people charged with national security crimes, according to several people briefed on the breach.
It is not clear what entity is responsible, whether an arm of Russian intelligence might be behind the intrusion or if other countries were also involved, which some of the people familiar with the matter described as a yearslong effort to infiltrate the system. Some of the searches included midlevel criminal cases in the New York City area and several other jurisdictions, with some cases involving people with Russian and Eastern European surnames.
Read more at the New York Times.
Over on Politico, John Sakellariadis also posted an update on the situation.
It’s clear from available coverage that the lack of a centralized system with robust security is a serious problem.
And as DataBreaches wrote to Sakellariadis this morning in response to his reporting, somebody also needs to point out that these decentralized federal courts seem to have no way to receive alerts from third parties. If Congress is serious about hardening security, they should add that to their must-do list: every court or a central point should have a way of receiving, escalating, and evaluating alerts from researchers or third parties.
Politico reports:
The CM/ECF system does not host the most sensitive national security cases prosecuted by the government. The Justice Department also takes special care to handle information on witnesses in criminal cases who face a particularly high risk or enter the witness protection program, storing that data on its own systems.
That sounds prudent, but how secure is the DOJ’s system?
As long as clownstrike and buttconnect weren’t behind the attribution, this might be believable.