Connect with us

Hi, what are you looking for?


Incident Response

Top Official Says Kansas Courts Need at Least $2.6 Million to Recover From Cyberattack

Kansas Courts needs funding to cover the costs of bringing computer systems back online, pay vendors, improve cybersecurity and hire three additional cybersecurity officials.

The Kansas court system needs at least $2.6 million in additional funds to recover from an October cyberattack that prevented the electronic filing of documents and blocked online access to records for weeks, the state’s top judicial official told legislators Tuesday.

State Supreme Court Chief Justice Marla Luckert included the figure in a written statement ahead of her testimony before a joint meeting of the Kansas House and Senate Judiciary committees. The Republican-controlled Legislature must approve the funding, and Democratic Gov. Laura Kelly also must sign off.

Luckert’s written statement said the courts needed the money not only to cover the costs of bringing multiple computer systems back online but to pay vendors, improve cybersecurity and hire three additional cybersecurity officials. She also said the price tag could rise.

“This amount does not include several things: recovery costs we will incur but cannot yet estimate; notification costs that will be expended to notify individuals if their personal identifiable information has been compromised; and any services, like credit-monitoring, that the branch may decide to provide for the victims,” Luckert’s statement said.

The attack occurred Oct. 12. Judicial branch officials have blamed a ransomware group based in Russia, saying it stole data and threatened to post it on a dark website if its demands were not met.

Judicial branch officials have not spelled out the attackers’ demands. However, they confirmed earlier this month that no ransom was paid after responding to an Associated Press request for invoices since Oct. 12, which showed as much.

Luckert said little about the costs of the cyberattack during Tuesday’s joint committee meeting and did not mention the $2.6 million figure. She and other judicial branch officials also met with the House committee in private for about 15 minutes to discuss more sensitive security issues.

“The forensic investigation is ongoing,” she said during her public testimony to both committees.

Advertisement. Scroll to continue reading.

Luckert said courts’ costs include buying a new firewall as well as software and hardware. She said the court included the three new cybersecurity jobs in its proposed budget for the fiscal year that begins July 1 but now wants to be able to hire them in April, May or June.

State Rep. Stephen Owens, a Republican from rural central Kansas who serves on both the House judiciary and budget committees, said the courts are asking for “an awful lot of money” because of the cyberattack.

“That being said, I also think that we have to prioritize cybersecurity,” he said after Tuesday’s meeting. “We have to prioritize safeguarding of the information that we store on behalf of Kansans.”

Separately, Kelly is seeking $1.5 million to staff an around-the-clock, 12-person cybersecurity operations center, hire an official to oversee the state’s strategy for protecting data and hire someone to create a statewide data privacy program.

Written By

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.