Federal judiciary likely compromised as part of SolarWinds hack

Thehill.com

The U.S. federal judiciary reported this week that it had suffered an “apparent compromise” as part of the recently discovered Russian hack of IT company SolarWinds.

In a statement published to the U.S. Courts’ website on Wednesday afternoon, the judiciary noted that its Case Management/Electronic Case Files (CM/ECF) system had suffered “an apparent compromise” that threatened confidentiality due to vulnerabilities linked to the hack of SolarWinds.

The statement noted that the judiciary is working with the Department of Homeland Security to carry out a full security audit and noted that steps were being taken to ensure the CM/ECF system was not further compromised.

ADVERTISEMENT

“Due to the nature of the attacks, the review of this matter and its impact is ongoing,” the judiciary wrote. “Under the new procedures announced today, highly sensitive court documents (HSDs) filed with federal courts will be accepted for filing in paper form or via a secure electronic device, such as a thumb drive, and stored in a secure stand-alone computer system. These sealed HSDs will not be uploaded to CM/ECF.”

James Duff, secretary of the Judicial Conference of the United States, said in a statement on Wednesday that “the federal Judiciary’s foremost concern must be the integrity of and public trust in the operation and administration of its courts.”

The judicial branch announced the potential breach the same day the Department of Justice confirmed it has been compromised as part of the attack on SolarWinds, with an agency spokesperson announcing Wednesday that around 3 percent of employee emails had been accessed. The Justice Department has around 100,000 employees.

Other agencies impacted by the hack, which has been ongoing since as early as March, include the Treasury Department, the Department of Homeland Security, the Department of Defense and the Energy Department’s National Nuclear Administration Administration.

But the number of affected organizations is far higher, with SolarWinds reporting to the Securities and Exchange Commission last month that around 18,000 of its customers had been impacted. The company counts the majority of U.S. Fortune 500 companies as customers, along with much of the federal government.

ADVERTISEMENT

A federal coalition formed to investigate the hack — made up of the FBI, the Office of the Director of National Intelligence, the National Security Agency and the Cybersecurity and Infrastructure Security Agency — earlier this week formally blamed Russia for the hack in a joint statement.

While the statement was put out on behalf of President Trump, he has only publicly addressed the cybersecurity incident once, tweeting in December that China may have been behind the SolarWinds hack instead.

Both the Chinese and Russian governments have denied involvement, and Secretary of State Mike Pompeo and former Attorney General William Barr have previously said Russia was behind the incident. President-elect Joe Biden described the attack on SolarWinds as “grave threat to our national security.”