The Administrative Office of the U.S. Courts (AO) was breached by Russia-backed actors through the use of SolarWinds software, with “highly sensitive” documents – including sealed filings – put at risk, the organization said.
In a January 6 news release, the AO said it is working with the Department of Homeland Security on an audit of the Judiciary’s Case Management/Electronic Case File (CM/ECF) system, which was compromised by Russian actors using the exploit in SolarWinds Orion software. The AO noted that the software has been removed in accordance with the emergency directive from the Cybersecurity and Infrastructure Security Agency (CISA), but did not provide additional information on the breach.
“An apparent compromise of the confidentiality of the CM/ECF system due to these discovered vulnerabilities currently is under investigation. Due to the nature of the attacks, the review of this matter and its impact is ongoing,” the judicial agency said.
The AO also announced its findings have prompted a new requirement for courts to file highly-sensitive documents in paper or on USB drives. In response to the breach, James Duff, the Secretary of the Judicial Conference of the United States, released a memo with new filing procedures for ‘highly sensitive’ documents, requiring courts to use methods that prevent remote access. Federal courts will need to file them via paper copies or through “a secure electronic device” and stored in a stand-alone system, Duff said.
“We fully appreciate the practical implications of taking these steps and the administrative burden they will place on courts, yet any such burdens are outweighed by the need to preserve the confidentiality of sealed filings that are at risk of compromise,” wrote Duff.
Public documents and public access will not be affected – while other systems handle most decisions, the CM/ECF system houses non-public documents. In addition, the AO noted that not all sealed documents rise to the level of “highly sensitive,” and detailed a range of documents that do not have to meet the new requirements.