- Регистрация
- 17 Февраль 2018
- Сообщения
- 38 917
- Лучшие ответы
- 0
- Реакции
- 0
- Баллы
- 2 093
Offline
Breaches in 2020 and 2025, reportedly by foreign adversaries, exposed confidential files.
Credit: Getty Images
US Senator Ron Wyden accused the federal judiciary of “negligence and incompetence” following a recent hack, reportedly by hackers with ties to the Russian government, that exposed confidential court documents.
The breach of the judiciary’s electronic case filing system first came to light in a report by Politico three weeks ago, which went on to say that the vulnerabilities exploited in the hack were known since 2020. The New York Times, citing people familiar with the intrusion, said that Russia was "at least partly responsible" for the hack.
A “severe threat” to national security
Two overlapping filing platforms—one known as the CM/ECF (Case Management/Electronic Case Files) and the other PACER—were breached in 2020 in an attack that closely resembled the most recently reported one. The second compromise was first detected around July 5, Politico reported, citing two unnamed sources who weren’t authorized to speak to reporters. Discovery of the hack came a month after Michael Scudder, a judge chairing the Committee on Information Technology for the federal courts’ national policymaking body, told members of the House Judiciary Committee that the federal court system is under constant attack by increasingly sophisticated hackers.
The CM/ECF allows parties in a federal case to file pleadings and other court documents electronically. In many cases, those documents are public. In some circumstances, the documents are filed under seal, usually when they concern ongoing criminal investigations, classified intelligence, or proprietary information at issue in civil cases. Wyden, a US senator from Oregon, said in a letter to Chief Supreme Court Justice John Roberts—who oversees the federal judiciary—that the intrusions are exposing sensitive information that puts national security at risk. He went on to criticize the judiciary for failing to follow security practices that are standard in most federal agencies and private industry.
“The federal judiciary’s current approach to information technology is a severe threat to our national security,” Wyden wrote. “The courts have been entrusted with some of our nation's most confidential and sensitive information, including national security documents that could reveal sources and methods to our adversaries, and sealed criminal charging and investigative documents that could enable suspects to flee from justice or target witnesses.”
The senator laid the blame for the breaches squarely on the judiciary’s refusal to acknowledge the security failings openly and its resistance to disclose the causes and enact meaningful changes to prevent future breaches. Wyden continued:
Yet, you continue to refuse to require the federal courts to meet mandatory cybersecurity requirements and allow them to routinely ignore basic cybersecurity best practices. Federal judicial technology and cybersecurity policy is set by a committee of judges whose membership you have kept hidden from the public and who presumably have no technology expertise. The case management system used by the federal courts has been hacked multiple times, in part because the system is insecure, antiquated and expensive to operate. While the judiciary has solicited advice from leading government experts on establishing a modern, secure and efficient case management system, the judiciary thus far has ignored that advice and has made no meaningful progress towards a replacement. These serious problems in the judiciary’s approach to cybersecurity have been able to fester for decades because the judiciary covers up its own negligence, has no inspector general and repeatedly stonewalls congressional oversight. This status quo cannot continue.
Wyden called for Roberts to appoint an "independent, public, expert review” headed by the National Academy of Sciences to examine both intrusions, with a focus on development and procurement of the software running the filing systems. He said that to date, the judiciary has failed to acknowledge the failings to congressional overseers or members of the public.
“The judiciary’s complete failure to address its cybersecurity problems after the 2020 breach, as well as the subsequent coverup and stonewalling of congressional oversight, makes it clear that the judiciary and its policymaking arm, the Judicial Conference, are ill-equipped to diagnose and address their own problems,” Wyden wrote. “An independent, public, expert review is essential not only because of repeated hacks, but also because of the judiciary’s subsequent lack of transparency.”
Credit: Getty Images
US Senator Ron Wyden accused the federal judiciary of “negligence and incompetence” following a recent hack, reportedly by hackers with ties to the Russian government, that exposed confidential court documents.
The breach of the judiciary’s electronic case filing system first came to light in a report by Politico three weeks ago, which went on to say that the vulnerabilities exploited in the hack were known since 2020. The New York Times, citing people familiar with the intrusion, said that Russia was "at least partly responsible" for the hack.
A “severe threat” to national security
Two overlapping filing platforms—one known as the CM/ECF (Case Management/Electronic Case Files) and the other PACER—were breached in 2020 in an attack that closely resembled the most recently reported one. The second compromise was first detected around July 5, Politico reported, citing two unnamed sources who weren’t authorized to speak to reporters. Discovery of the hack came a month after Michael Scudder, a judge chairing the Committee on Information Technology for the federal courts’ national policymaking body, told members of the House Judiciary Committee that the federal court system is under constant attack by increasingly sophisticated hackers.
The CM/ECF allows parties in a federal case to file pleadings and other court documents electronically. In many cases, those documents are public. In some circumstances, the documents are filed under seal, usually when they concern ongoing criminal investigations, classified intelligence, or proprietary information at issue in civil cases. Wyden, a US senator from Oregon, said in a letter to Chief Supreme Court Justice John Roberts—who oversees the federal judiciary—that the intrusions are exposing sensitive information that puts national security at risk. He went on to criticize the judiciary for failing to follow security practices that are standard in most federal agencies and private industry.
“The federal judiciary’s current approach to information technology is a severe threat to our national security,” Wyden wrote. “The courts have been entrusted with some of our nation's most confidential and sensitive information, including national security documents that could reveal sources and methods to our adversaries, and sealed criminal charging and investigative documents that could enable suspects to flee from justice or target witnesses.”
The senator laid the blame for the breaches squarely on the judiciary’s refusal to acknowledge the security failings openly and its resistance to disclose the causes and enact meaningful changes to prevent future breaches. Wyden continued:
Yet, you continue to refuse to require the federal courts to meet mandatory cybersecurity requirements and allow them to routinely ignore basic cybersecurity best practices. Federal judicial technology and cybersecurity policy is set by a committee of judges whose membership you have kept hidden from the public and who presumably have no technology expertise. The case management system used by the federal courts has been hacked multiple times, in part because the system is insecure, antiquated and expensive to operate. While the judiciary has solicited advice from leading government experts on establishing a modern, secure and efficient case management system, the judiciary thus far has ignored that advice and has made no meaningful progress towards a replacement. These serious problems in the judiciary’s approach to cybersecurity have been able to fester for decades because the judiciary covers up its own negligence, has no inspector general and repeatedly stonewalls congressional oversight. This status quo cannot continue.
Wyden called for Roberts to appoint an "independent, public, expert review” headed by the National Academy of Sciences to examine both intrusions, with a focus on development and procurement of the software running the filing systems. He said that to date, the judiciary has failed to acknowledge the failings to congressional overseers or members of the public.
“The judiciary’s complete failure to address its cybersecurity problems after the 2020 breach, as well as the subsequent coverup and stonewalling of congressional oversight, makes it clear that the judiciary and its policymaking arm, the Judicial Conference, are ill-equipped to diagnose and address their own problems,” Wyden wrote. “An independent, public, expert review is essential not only because of repeated hacks, but also because of the judiciary’s subsequent lack of transparency.”
