Investigation launched into vulnerabilities found within US Judiciary case file system

The United States Judiciary has announced an audit into its systems, following concerns its case file system has been compromised.

In making the announcement, the Judiciary said the Administrative Office of the US Courts was working with the Department of Homeland Security on a security audit relating to vulnerabilities in the Judiciary's Case Management/Electronic Case Files system (CM/ECF) that greatly risk compromising highly sensitive non-public documents, particularly sealed filings.

"An apparent compromise of the confidentiality of the CM/ECF system due to these discovered vulnerabilities currently is under investigation," it said. "Due to the nature of the attacks, the review of this matter and its impact is ongoing."

With the investigation ongoing, Judiciary said federal courts across the country will be adding new security procedures aimed at protecting highly sensitive confidential documents filed with the courts.

Moving forward, highly sensitive court documents filed with federal courts will be accepted for filing in paper form or via a "secure electronic device", such as a thumb drive, and stored in a "secure, stand-alone computer system". The documents will not be uploaded to CM/ECF. 

Filings not considered highly sensitive will continue to be sealed in CM/ECF "as necessary".

"The federal Judiciary's foremost concern must be the integrity of and public trust in the operation and administration of its courts," Secretary of the Judicial Conference of the United States James C. Duff said.

The Judiciary said following guidance from the Department of Homeland Security, its courts have suspended all national and local use of SolarWinds Orion products.

Earlier this week, the US Department of Justice (DOJ) confirmed that the hackers behind the SolarWinds supply chain attack targeted its IT systems, where they escalated access from the trojanized SolarWinds Orion app to move across its internal network and access the email accounts of some of its employees.

The number of impacted DOJ employees is currently believed to be around 3,000 to 3,450. The DOJ said it has now blocked the attacker's point of entry.

Four US cybersecurity agencies on Monday released a joint statement formally accusing the Russian government of orchestrating the SolarWinds supply chain attack.

US officials said that "an advanced persistent threat actor, likely Russian in origin" was responsible for the SolarWinds hack, which officials described as "an intelligence gathering effort".

HERE'S MORE

• SolarWinds fallout: DOJ says hackers accessed its Microsoft O365 email server
• US government formally blames Russia for SolarWinds hack
• SolarWinds: The more we learn, the worse it looks
• JetBrains denies being involved in SolarWinds hack
• CISA updates SolarWinds guidance, tells US govt agencies to update right away