Federal courts to ramp up filing system security after ‘recent escalated cyberattacks’

The U.S. judiciary announced plans to increase security for sensitive information on its case management system following what it described as “recent escalated cyberattacks of a sophisticated and persistent nature.”

In a Thursday statement, the federal judiciary said it’s “taking additional steps to strengthen protections for” that information. It also said its “further enhancing security of the system and to block future attacks, and it is prioritizing working with courts to mitigate the impact on litigants.”

The statement from the third branch comes one day after a Politico report revealed that its case filing system had recently been breached. That report cited unnamed sources who were concerned that the identities of confidential court informants may have been compromised.

While the federal courts’ statement acknowledged a recent escalation in cyberattacks on its case management system, it didn’t confirm details of the reported breach. In response to a FedScoop request for additional information about the reported attack, a spokesman for the Administrative Office of the U.S. Courts declined to comment and pointed back to the statement. 

The reported hack and statement come after a cyberbreach of the same system in 2020. In early 2021, during a hack of SolarWinds’ Orion products, the federal courts disclosed that it found “apparent compromise” of the Case Management/Electronic Case Files system (CM/ECF) and was investigating the matter.

Its statement after that breach similarly indicated that “federal courts are immediately adding new security procedures to protect highly sensitive confidential documents filed with the courts.” 

Notably, more than a year after the disclosure of that hack, Rep. Jerrold Nadler, D-N.J., who was then-House Judiciary Chairman, disclosed that the committee had learned about the “startling breadth and scope” of a breach in early 2020 and indicated it was separate from the SolarWinds breach that had impacted a number of federal agencies. 

In its Thursday statement, the judiciary noted that the majority of documents housed within the filing system aren’t confidential and are available to the public, but some of those documents are confidential and aren’t publicly accessible — known as being “sealed.”

“These sensitive documents can be targets of interest to a range of threat actors. To better protect them, courts have been implementing more rigorous procedures to restrict access to sensitive documents under carefully controlled and monitored circumstances,” the statement said.

That response has included implementing a zero-trust architecture, expanding multifactor authentication, and maximizing use of government-furnished equipment, per a readout from a meeting of the Judicial Conference, the judiciary’s policymaking body, in 2024. The AO also appointed a chief information officer in 2023. But even then, concern about cyberattacks remained, particularly ahead of the 2024 election.

“Now is not the time for one ounce of complacency,” U.S. Court of Appeals Judge Michael Y. Scudder said at that meeting, according to the release. “We have to keep making progress on our major projects; we have to find ways to meet our goals faster, by working within cyber-relevant timeframes, not ordinary government timelines; and we have to stay unified, with the courts and AO working together.”