Cybersecurity: Protecting Court Data

The views expressed are those of the author and do not necessarily reflect the views of ASPA as an organization.

By Brian McLaughlin
May 26, 2017

In June 2016, the international activist hacker group Anonymous Legion claimed responsibility for a cyberattack on the State of Minnesota Judicial Branch’s website. This was not the first attack on the Minnesota judiciary, who suffered two similar “Denial of Service” attacks in December 2015. Though the cyber attackers disrupted Minnesota’s website functionality for 10 days, they did not breach any of protected data assets in court systems. Minnesota’s experience is unfortunately not unique. Court systems, both state and federal, are guardians of sensitive information for individuals and organizations. This extraordinary responsibility makes them a ripe target for cyberattacks. To properly protect data assets, courts must coordinate internally, and with the executive and legislative branches, in cyberattack prevention and response.

The federal Judiciary designates cybersecurity as their top administrative priority. As Judge Julia Gibbons, chair of the United States Judicial Conference’s Budget, states, “Judiciary systems have and will continue to be targeted, like government and commercial entities everywhere.” A multitude of entry points exist for cyberattacks or cyber breaches on the judicial branch, including information systems, networks (including WiFi), employee personal devices (including smartphones) and an array of court technology. Beyond the damaging consequences of disrupting court operations, hackers target the trove of sealed information in judiciary systems. A sampling of this data includes:

• Personal identifiers – including social security numbers, credit cards, and bank accounts
• Confidential informant names and search warrants in criminal cases
• Records on cases involving children and families, including adoptions
• Trade secrets in civil cases involving businesses and corporations
• Victim data in domestic violence and sexual assault cases
• Grade jury records and testimony
• Medical and psychological reports

Types of Cyberattacks

The Federal Bureau of Investigation (FBI) defines a cyber incident as “a past, ongoing, or threatened intrusion, disruption, or other event that impairs or is likely to impair the confidentiality, integrity, or availability of electronic information, information systems, services, or networks.” Four types of cyberattacks are particularly concerning for court officials:

• Denial of Service (DoS) attacks – This type of cyberattack prevents legitimate users from accessing network services. DoS attacks are most commonly effectuated by overwhelming servers with traffic to a specific site.
• Phishing – This type of attack uses social engineering to solicit personal information from unsuspecting users. Phishing e-mails appear to look legitimate, and ask users to enter items such as user names or passwords to compromise accounts.
• Ransomware – This type of cyberattack infects software and locks access to data until a ransom is paid. Through phishing e-mails, drive-by downloading and unpatched vulnerabilities, hackers attempt to extort users by encrypting their data until the prescribed conditions are met.
• Spyware – This type of cyberattack, also known as adware, infects a computer by producing pop-up ads, re-directing browsers and monitoring a user’s internet activity.

Cyberattack Prevention

Cyberattack prevention is a critical component of a court’s security planning. An effective cyber incident response plan can help law enforcement locate and apprehend the perpetrators. Court officials must identify court data assets and vulnerabilities. Once identified, IT staff can establish necessary layers of protection and documented protocols for managing systems. Regular testing of the cyberattack protection plan is essential, along with adjusting systems to emerging threats. IT staff must be attuned to the software updates and new technology in virus detection. In addition to planning, ongoing employee training is key to avoiding compromising activity.

Keeping pace with cyber criminals requires being on the cutting edge of security technology. Spending on security can save much more money in recovering assets. Consequently, the legislative branch also plays a vital role, as cybersecurity is increasingly a funding priority. In an era of challenges for public budgeting, courts must carefully tailor their budgetary requests. Documented in recent Congressional testimony, the United States Courts methodically presented their request for $85 million to cover cybersecurity activities. And in their 2018-2019 budget request, the Minnesota Judicial Branch requested $1.968 million to expand its efforts to mitigate the risk of data breaches, data corruption, system outages, document/data loss and cyberattacks.

Cyberattack Response

Properly responding to a cyberattack requires immediate, strategic action. A cybersecurity incident response team should be set in the planning process. Key first steps include pinpointing the area of intrusion and scope of the attack. Once assessed, the attack should be reported to at least one law enforcement agency, and explained to the public.

Law enforcement agencies in the executive branch are a vital component in the response to a cyberattack. The United States Department of Justice provides best practices for responding to and reporting cyberattack incidents. The FBI adds clear guidelines for cyberattack incident reporting. Minnesota officials worked with the FBI Cyber Task Force in the aftermath of their DoS attacks. In the Department of Homeland Security, the United States Computer Emergency Response Team (US-CERT) develops timely and actionable cybersecurity information for federal departments and agencies, as well as state and local governments.

Summary

Court systems are guardians of sensitive data for individuals and organizations. But they cannot fulfill this responsibility alone. In cyberattack prevention and response, the judicial branch needs the resources of the other branches of government to effectively protect data assets.

*This article presents the personal views of the author, and does not represent the New Jersey Judiciary.

---

Author: Brian J. McLaughlin, MS, MPA is an adjunct faculty member with the Department of Public Administration at Villanova University, and has administrative experience with the judicial branch at the local, state, and federal levels. He can be reached at [email protected].

(6 votes, average: 4.67 out of 5)
Loading...