Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Kansas Courts’ Computer Systems Are Starting to Come Back Online, 2 Months After Cyberattack

The court system in Kansas was hit by a cyberattack that caused outages and affected the courts in 104 counties.

The court system in Kansas has started bringing its computer system for managing cases back online, two months after a foreign cyberattack forced officials to shut it down along with public access to documents and other systems, the judicial branch announced Thursday.

The case management systems for district courts in 28 of the state’s 105 counties are expected to be back online by Monday, with others following by the end of the week. Online access to documents for the public will be restored after that, though counties that go back online will be able to offer access through terminals at their courthouses, the judicial branch said.

The courts also have restored systems that allow people to apply for marriage licenses online and file electronic requests for orders to protect them from abuse, stalking and human trafficking.

The Kansas Supreme Court’s seven justices, who oversee administration of the state courts, said last month that the judicial branch was the victim of a “sophisticated foreign cyberattack.” Criminals stole data and threatened to post it on a dark website “if their demands were not met,” the justices said.

However, judicial branch officials have not publicly disclosed the hackers’ demands, whether a ransom was paid or how much the state has spent in restoring judicial branch systems. Asked about a ransom Thursday, judicial branch spokesperson Lisa Taylor referred to last month’s statement.

“Restoring our district court case management system is a much-anticipated milestone in our recovery plan, but we still have a lot of work to do,” Supreme Court Chief Justice Marla Luckert said in a statement Thursday.

The outages affected the courts in 104 counties — all but the state’s most populous one, Johnson County in the Kansas City area. Johnson County has its own systems and isn’t scheduled to join the state’s systems until next year.

The judicial branch initially described the attack as a “security incident,” but cybersecurity experts said that it had the hallmarks of a ransomware attack — including in how court officials gave few details about what happened.

Advertisement. Scroll to continue reading.

The long outage has forced courts in the affected counties to return to having documents filed on paper. Judicial branch officials acknowledged that it could take weeks for the courts to electronically log all of the filings since the Oct. 12 shutdown.

The electronic filing and case management systems for the state Court of Appeals and Supreme Court will come back online after the district courts are done.

A risk assessment of the state’s court system, issued in February 2022, is kept “permanently confidential” under state law, as is one issued in June 2020.

Last month, state Rep. Kyle Hoffman, the chair of the Legislature’s information technology committee, told reporters after a meeting that the results of the 2020 audit were terrible, but he provided no details. He said the 2022 audit showed a lot of improvement, again without disclosing any details.

Two recent audits of other state agencies identified cybersecurity weaknesses. The most recent one, released in July, said “agency leaders don’t know or sufficiently prioritize their IT security responsibilities.”

Related: Small Kansas Water Utility System Hacking Highlights Risks

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cybercrime

Cloud company Rackspace has completed its investigation into the recent ransomware attack and found that the hackers did access some customer resources.