SecurityWeek

Russian Hack Brings Changes, Uncertainty to US Court System

Trial lawyer Robert Fisher is handling one of America’s most prominent counterintelligence cases, defending an MIT scientist charged with secretly helping China. But how he’ll handle the logistics of the case could feel old school: Under new court rules, he’ll have to print out any highly sensitive documents and hand-deliver them to the courthouse.

Until recently, even the most secretive material — about wiretaps, witnesses and national security concerns – could be filed electronically. But that changed after the massive Russian hacking campaign that breached the U.S. court system’s electronic case files and those of scores of other federal agencies and private companies.

The new rules for filing sensitive documents are one of the clearest ways the hack has affected the court system. But the full impact remains unknown. Hackers probably gained access to the vast trove of confidential information hidden in sealed documents, including trade secrets, espionage targets, whistleblower reports and arrest warrants. It could take years to learn what information was obtained and what hackers are doing with it.

It’s also not clear that the intrusion has been stopped, prompting the rules on paper filings. Those documents are now uploaded to a stand-alone computer at the courthouse — one not connected to the network or Internet. That means lawyers cannot access the documents from outside the courthouse.

Fisher is defending Gang Chen, a nanotechnology researcher fighting charges that he defrauded the U.S.

“It would be cumbersome if we do have to start filing pleadings during the litigation on paper. That’s going to be more difficult,” Fisher said. “Particularly during COVID. Most of us are working from home.”

The Russian intrusion through the SolarWinds software has President Joe Biden in an early tussle with his Russian counterpart, President Vladimir Putin, and U.S. senators are worried about the “grave risk” to U.S. intelligence.

The Administrative Office of U.S. Courts confirmed the court system breach on Jan. 6, joining a victims’ list that includes the State Department, the National Institutes of Health, tech companies and an unknown number of Fortune 500 companies. U.S. officials have linked the effort, which went on for much of 2020, to elite Russian hackers.

“I don’t think we know what motivated the Russians in this case to target the court system — whether it was a target of opportunity enabled by this SolarWinds breach, or whether it was a … priority,” said Ben Buchanan, who teaches cyberespionage at Georgetown University’s School of Foreign Service.

Though the entry point in the SolarWinds network software has been plugged, “it is really hard to kick the Russians out once they’re in,” he said.

Federal court operations are largely decentralized. Each of the 13 circuits adopts its own rules and security measures. Some courts encrypt documents filed under seal, but others do not, according to court employees who spoke with The Associated Press on condition of anonymity because they were not authorized to publicly discuss the security breach.

Either way, anyone sophisticated enough to launch the SolarWinds attack can probably decrypt data, perhaps by stealing an authorized user’s credentials, experts said. Targets could include not just court staff, but also “soft targets” such as law firms that upload files to the case management system, known as CM/ECF.

Criminal, civil and bankruptcy filings are believed to have been compromised, but not the Foreign Intelligence Surveillance Court system, which handles national security surveillance warrants, according to the court employees.

Senators are pressing court officials and the Justice Department for a clear assessment of the damage to the legal system.

“I fear that we do not know how Russia could take advantage of the access and information it may have obtained, and we likely won’t know until it’s far too late,” Sen. Richard Blumenthal, D-Conn., told The Associated Press in a statement. “The cleanup of this breach will be extraordinarily difficult …, but we cannot cut corners and just hope that the Russians left.”

Some worry that the new rules will reduce public access to court proceedings, but they could also make judges rethink whether a seal or paper filing is really necessary. Court transparency advocates feel that judges have been on a sealing binge in recent years, keeping the public in the dark about important evidence in product liability, public corruption and other cases.

But others say the need for privacy is real, especially when it comes to corporate fights over patent secrets or other intellectual property, or whistleblower complaints, which remain secret while the government investigates. They fear that companies could be shaken down or see their stock price plummet if the information is exposed.

“There’s an underlying concern about what was breached. Our cases do ultimately come out from under seal, but the risk is a compromise in the interim, of a federal investigation or our clients,” said lawyer Erica Blachman Hitchings of the Whistleblower Law Collaborative in Boston.

Frank Montoya Jr., a retired FBI agent and counterterrorism expert, believes Russian officials will exploit whatever they can as they sift through the data, just as they did in 2016, when they leaked stolen Democratic National Committee emails during the U.S. presidential election. It could take years, or decades, to gauge their intent.

“We tend to still look at this stuff as spy versus spy. But the reality is, it’s not just about a specific targeted interest. It’s about exploiting everything to make money, to benefit the state, to undermine the U.S.,” he said.

But Georgetown’s Buchanan doesn’t see the Russian government selling trade secrets, even for something as valuable as the COVID-19 vaccine or a blockbuster drug. He believes it’s all about statecraft — and espionage.

Retired U.S. Circuit Judge Thomas Vanaskie, who led the U.S. Judicial Conference’s Information Technology Committee about 12 years ago, worries about the government’s duty to people who seek justice from the courts.

“We have assured counsel that you can file on our system, electronically, confidential material that will be sealed, and not subject to being hacked,” he said. “And here we are, hacked.”
