The US court system has banned the electronic submission of legal documents in sensitive cases out of concern that Russian hackers have compromised the filing system.
In an extraordinary memo [PDF] handed down to all courts late last week, any documents that “contain information that is likely to be of interest to the intelligence service of a foreign government” will now have to be physically printed out and provided in a physical format.
The decision follows concerns last month that as a result of the SolarWinds fiasco – in which suspected Kremlin spies gained access to the networks of multiple US government departments via backdoored IT tools – that the court system itself has been hacked, making Highly Sensitive Documents (HSDs) accessible.
Typically those documents are filed through the court system’s electronic filing system but are sealed, requiring specific login access. Despite the online system’s shortcomings (it is clunky, has a dreadful search function and a horribly outdated UI), it has proven an extremely useful resource and allows for quick provision and access to documents.
But, as the notice says: “In response to recent disclosures of wide-spread breaches of both private sector and government computer systems, federal courts are immediately adding new security procedures to protect highly sensitive documents filed with the courts.”
The new rules don’t apply to whole cases but to any documents that would be viewed as HSDs within any case. They typically involve “national security, foreign sovereign interests, criminal activity related to cybersecurity or terrorism, investigation of public officials, the reputational interests of the United States, and extremely sensitive commercial information likely to be of interest to foreign powers.”
In other words, stuff you don’t want the Russians, or Chinese, or North Koreans, or whoever, reading. That means sensitive wiretap details will go paper as well as any pleadings or offers to cooperate, and so on.
It’s a sign of just how deeply the hackers, who tampered with SolarWinds’ Orion suite, managed to penetrate US networks that the court system has taken on a massive additional burden – something that is almost certain to slow the progress of a significant number of cases.
The Administrative Office of US Courts confirmed its system had been breached in January, joining a long list of other US government organizations and Fortune 500 companies that were compromised for anywhere up to six months after installing the tainted tools.
US courts system fears SolarWinds snafu could have let state hackers poke about in sealed case documents
As a result, lawyers involved in such cases will have to print out any highly sensitive documents and then hand-deliver them to the courthouse.
Those documents will then be uploaded to a computer at the courthouse that isn’t connected to any network. And lawyers will then have to travel to the court and to that computer to gain access to the docs. Something which is, of course, made even harder thanks to COVID-19 pandemic protocols.
Aside from that, however, security experts are now worried about the potential impact of the Russian government having copies of thousands of highly sensitive non-public documents. Access to large quantities of information on ongoing cases, including who the US government is monitoring and any deals people may be cutting, would be a treasure trove for a foreign intelligence agency.
It is not thought however that access was gained to the most sensitive US court – the secretive FISA aka Foreign Intelligence Surveillance Court – which runs its own system that is not connected to other networks. ®