March 7, 2024
Cyberattacks are evolving. Courts and other organizations must employ technology security programs to protect their infrastructure, data, and applications from cyberattacks, including phishing, malware, ransomware, denial-of-service (DoS), and hacking. Cybercrime is predicted to cost $9.5 trillion in 2024, according to Cybercrime Magazine.
Cybersecurity refers to the prevention of theft, damage, or unauthorized access to computer systems, networks, and digital data. As more devices are connected to the internet, cybersecurity has become an integral part of everyday life. This trend has also led to an increase in cyberthreat actors such as hackers, cybercriminals, and nation-state level cyberattacks, making cybersecurity crucial.
Recent cyber incidents have affected state courts in Alaska, Georgia, Pennsylvania, and Texas. In the webinar Communication and Managing Expectations During a Cyber-Attack, several court professionals share lessons learned after experiencing a cyberattack.
In September 2023, cybercriminals attacked the REJIS system causing St. Louis County to shut down computer systems. The Regional Justice Information System is a governmental system used across Missouri, Illinois, and Kansas by law enforcement and officials to find court cases, issue charges, and process people in custody at the jail.
In October 2023, the Kansas court system was hacked by cybercriminals and was forced to disconnect its court information system from external access. The Florida First Judicial Circuit court confirmed an information technology security event that impacted circuit courts across several Florida counties.
Responding effectively to a cybersecurity attack is crucial to minimize damage, protect sensitive information, restore normal operations, and apply strategies against future attacks. Having a cybersecurity plan in place is essential for a court to survive an attack. NCSC offers resources and tools that address unique cybersecurity challenges. The Joint Technology Committee’s Cybersecurity Basics for Courts is an overview of cybersecurity prevention techniques to handle incidents quickly and effectively. In the Making Cybersecurity Real and Relevant webinar, David Slayton and Corey Steel share how they survived a cyberattack. Key steps to take during and after a cyberattack are:
- Isolate affected systems to prevent the spread of the virus;
- Disconnect compromised devices;
- Activate the incident response plan, follow procedures, and assign roles;
- Document any evidence of the attack for possible legal actions;
- Contact law enforcement and provide relevant information to aid in their investigation;
- Notify key stakeholders such as cybersecurity professionals and experts to assess the attack;
- Communicate externally with the media about how the situation is being addressed; and
- Restore affected systems from clean backups.
Cybersecurity remains a growing concern and attacks are likely to increase in frequency and effectiveness as cybercriminals adopt AI technologies.
What steps has your court taken to safeguard against a cyberattack and implement cybersecurity plans? For more information, contact Knowledge@ncsc.org, cyber@ncsc.org, or call 800-616-6164. Follow the National Center for State Courts on Facebook, X, LinkedIn , and Vimeo. For more Trending Topic posts, visit ncsc.org/trendingtopics or subscribe to the LinkedIn newsletter.