DDoS attack on Pennsylvania court system knocks out filing systems, bail payment site
ennsylvania’s court system was hit with a distributed denial-of-service (DDoS) attack and is experiencing disruptions, according to Chief Justice Debra Todd.
Portions of the Pennsylvania Courts’ website are currently down due to the attack and Todd said that both the FBI and Cybersecurity and Infrastructure Security Agency (CISA) are involved in the recovery effort.
“There is still no indication that any court data has been compromised and our courts remain open and accessible to the public,” she said in a statement on Monday afternoon.
The state announced on Sunday night that it was facing service outages. The electronic filing system used by attorneys is not available, alongside other key systems that track appointed guardians and more. The web docket system is also down.
The system used for court payments – including fines, restitution, bail and registration – is also unavailable. Law enforcement agencies in the state are still able to use the websites containing information on warrants and criminal complaints.
Court officials did not respond to requests for comment about whether any demands or ransoms were issued in connection to the DDoS attack. They also did not say whether the DDoS incident was connected to another cyberattack specifically targeting the Pennsylvania county of Washington.
On January 28, county officials there sent an urgent message to the state’s Supreme Court declaring a “judicial emergency in the district,” and explaining that it “has suffered a critical incident, rendering significant segments of the technology infrastructure in the County to be inaccessible and/or inoperable.”
“The judicial district’s technology is intertwined with that of the County and is maintained by the County’s information technology staff; thereby leaving the Court dependent on the County for technology resources,” Washington County president judge Gary Gilman said.
County officials severed their connections to the court's network and servers at 10 a.m. on January 24, cutting them off from email, recording systems, jury management platforms, case management documents and more. No one can use court-issued computers until cybersecurity experts clear the devices.
The court has struggled to function, according to Gilman, who added that there was little progress between January 24 and 28.
“It is unclear as to when the technology resources of the judicial district will be restored to an operable condition. There is a possibility that the judicial district will suffer some degree of data loss because of the critical incident,” Gilman wrote, noting that the court hired a lawyer and digital data forensics firm Sylint to help them.
Eric Goldstein, executive assistant director of CISA, confirmed to Recorded Future News that they are working with the Pennsylvania Courts and “stand ready to provide any of CISA’s services that may be of assistance.”
A CISA official noted that they have provided a trove of guidance on how federal and state institutions can both prevent and deal with ongoing DDoS attacks — where someone overwhelms a service by overloading it with requests.
Last March, Wisconsin’s state court system was also hit with a DDoS attack that took down large parts of their digital systems.
U.S. courts on the state level continue to face an unprecedented barrage of crippling cyberattacks that take months to recover from.
Courts in Florida, Louisiana, Ohio, Nebraska, Texas, Missouri, Kansas and Illinois have all dealt with data leaks, ransomware incidents or distributed denial-of-service attacks this year that limited operations and caused significant issues.
Kansas Supreme Court Chief Justice Marla Luckert dedicated significant parts of her annual speech in front of the state legislature to the devastating ransomware attack that consumed the court starting in October.
The Russian ransomware gang that targeted them “attacked one of our democratic institutions, a foundation of our democratic society, one of the three branches of our government,” she said.
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.