It seems like every day a new wrinkle unfolds in the dramatic aftermath of the SolarWinds supply chain breach of December 2020.
The threat actors, alleged to be Russia-based, successfully planted a backdoor in SolarWinds' Orion product, which is network monitoring software. As a result, a plethora of organizations were affected by the cyberattack, and some have been hit with follow-up attacks involving data exfiltration.
The organizations affected include private companies like Cisco and Microsoft, as well as U.S. government agencies, including the State Department, the National Institutes of Health, and the Department of Homeland Security.
Now we are seeing further fallout from the attack, and it is seriously affecting the U.S. courts system.
SolarWinds attack affecting U.S. courts
The Administrative Office (AO) of the U.S. courts was also a victim of the SolarWinds hack.
Recently, the Director of the AO, James C. Duff, released an "Urgent Action Required" memo to the courts. Here is the first point of emphasis from the memo:
"To the extent they have not already done so, all courts should issue a standing or general order or adopt some other equivalent procedure requiring that highly sensitive documents (HSDs) will be accepted for filing only in paper form or via a secure electronic device. HSDs should be stored in a secure paper filing system or a secure standalone computer system that is not connected to any network, particularly the internet.
The AO will provide courts with model language for a standing or general order as well as advice and guidance on how to establish and securely maintain a standalone computer system if a court chooses that option."
So, due to the SolarWinds attack, the most sensitive court documents can be filed only on paper or via a secure electronic device.
The courts elected to make this move because they believe it is likely that nation-state hackers were able to gain access to a lot of confidential information, including trade secrets, espionage targets, whistleblower reports, and arrest warrants, according to the AP.
While this information could be devastating in the wrong hands, there is a small silver lining. It has been reported that the Foreign Intelligence Surveillance Court, which handles national security FISA warrants, was not affected by the attack.
Problems with courts going back to paper
Some might wonder why the courts going back to paper is a serious problem; after all, that is how courts operated for decades before the internet.
Alan Woodward, a professor of computer science at England's University of Surrey, spoke with InfoRiskToday about his belief that the secondary fallout of the attack will be the most devastating.
"We're all so dependent on IT-based systems now that to try to move back to a paper-based system as anything other than a backup would lead to all sorts of holdups. Unless you're planning to reinstate the typing pools and bring back Dictaphones, not to mention the messengers to carry hard copies to court, we have to find a way to secure these systems.
There was surprise expressed about why they had targeted the court system. Simple: It's a way of disrupting the daily lives of those interacting with the establishment. Why bomb a country into submission when you can cause it to grind to a halt under the weight of paperwork needed to keep our social processes working?"
If Woodward is proved right about the secondary effects of the SolarWinds attack, the U.S. courts system and other organizations face a very challenging period.