Nov 21, 2023

Kan. court system suffered a sophisticated foreign cyber-attack

Posted Nov 21, 2023 6:01 PM

TOPEKA—The seven justices of the Kansas Supreme Court released  statement Tuesday regarding the October 12 security incident that disrupted access to information systems used by courts statewide.

The disruption left attorneys unable to search online records and forced them to file motions the old fashioned way — on paper. Courts limped along, although the growing piles of paper are a mess that will have to be sorted and scanned eventually.

According to the statement from Kansas Supreme Court Chief Justice Marla Luckert and Justices Eric Rosen, Dan Biles, Caleb Stegall, Evelyn Wilson, K.J. Wall, and Melissa Standridge:

“A few weeks ago, the Kansas judicial branch was a victim of a sophisticated foreign cyberattack that impacted the information systems used by the Kansas judicial branch. This attack has temporarily incapacitated Kansas Office of Judicial Administration information systems, affecting daily operations of the state’s appellate courts and district courts in 104 counties.

“When we discovered the attack, we quickly disconnected our information systems from external access. We notified state authorities, and since that time have benefited from the continued support provided by the governor’s office, legislative leadership, and state and federal law enforcement. This attack—on one of our three branches of government—was made against all Kansans.

“While the impact on our information systems is temporary, the cybercriminals also stole data and threatened to post it to a dark web site if their demands were not met. We are working with cybersecurity experts to identify the data quickly and securely so we can conduct a comprehensive review to determine the full scope of what personal information the cybercriminals may have stolen. Based on our preliminary review, it appears the stolen information includes Office of Judicial Administration files, district court case records on appeal, and other data, some of which may be confidential under law. A full review of what may have been stolen is a high priority to us but it will take time. Once this review is complete, we will notify those affected. As we respond to this criminal attack, we will continue to update our incident response page.

“Cyberattacks on government entities are rampant. According to the 2022 FBI IC3 Internet Crime report, government is the third most-targeted sector for such attacks. Cybercrime is a persistent and serious threat to our democratic institutions. With the help of cybersecurity experts, we are buttressing our systems to guard against future attacks. It will likely take several weeks to return safely to normal operations, including electronic filing, but we will do so.

“This assault on the Kansas system of justice is evil and criminal. Today, we express our deep sorrow that Kansans will suffer at the hands of these cybercriminals.

“Throughout this incident, our decisions have been guided by our foundational values. Chief among those is our dedication to upholding and abiding by the rule of law. By adhering to those values at this profoundly trying time, we seek to demonstrate that no malicious element is more powerful than the rule of law and the institutions that abide by it.”