Ransomware attack on state court system

Not great.

Websites for the Texas court system were still down Monday after a ransomware attack late last week left the network temporarily disabled, according to the Office of Court Administration.

Officials discovered the breach early Friday and quickly shut down sites and disabled servers to contain it, the office said in a statement. The hack did not impact e-filing and other services, many of which have been transferred to the cloud in recent years, according to the office.

“At this time, there is no indication that any sensitive information, including personal information, was compromised,” the office said. It added that websites for local trial courts are still available online.

The office said it detected the breach early and has refused to pay any ransom. While the courts have moved increasingly to remote hearings amid the coronavirus pandemic, the attack was unrelated, according to the office.

Officials have not said when the system will be back online, but they have set up a temporary website and are working with law enforcement and the Texas Department of Information Resources to investigate the attack.

As the story notes, this is not the first time that Texas governmental entities have been targeted by ransomware. The first thing that TDIR will need to figure out is whether this was actually targeted, or just a crime of opportunity, perhaps the result of someone opening a phishing email. If you follow this sort of news, you know that ransomware attacks are on the increase around the world; here’s a prominent recent example. I’m sure the system will recover from this, and good for the OCA if they detected it quickly. We just need to up our vigilance and defensive measures to stay on top of this.

Related Posts:

This entry was posted in Technology, science, and math and tagged , , , , . Bookmark the permalink.

2 Responses to Ransomware attack on state court system

  1. Wolfgang says:


    Assuming what they are saying is true, this is a colossal failure. Whatever the reason may be (there is more to it, bla….), this is a disaster. It basically puts the appellate judiciary and their output into the dark. For those not involved in the appellate process, everything has gone e. Only pro-se litigants filed paper, and that too gets scanned and OCR-ed upon intake.

    You don’t have be a cyber-security geek to understand the importance of having to back up your entire database on offline storage and/or on a separate backup server, so you can restore your web site if anything should go wrong, and put it all up on a new domain, if necessary. It’s been 7 days and they are not there yet, so apparently some bad actor indeed got a lock on the whole thing, and don’t have a backup of the data.

    Have they not ever had a hard drive go bad to learn the lesson? Have they heard of viruses, malware, hack attacks? Not to mention that were previous breaches, like the one involving TRS, impacting millions of Texans.

    At least the orders and opinions issued before last Friday can be found via private-sector re-publishers, including Google Scholar (WL and LEXIS are expensive). What’s coming out in the way of appellate opinions currently is a different matter, however. SCOTX issues its orders list on a quickly slapped-together impromptu webpage (with only a few hyper links) and distributes the actual orders and opinions via Twitter and Dropbox. Only two COA have hyperlinks to posted opinions so far. That includes the 14th COA order in State v. Texas Democratic Party et al. and Chief Frost’s dissent.

    See here: https://www.txcourts.net/orders

    The only other way to get to appellate documents is through re:Search, a PACER-like system that is an adjunct to the Texas eFile system that is run by a private contractor. It’s been made available to the public at no cost due to the current crisis situation.

  2. Pingback: TxDOT hit with ransomware – Off the Kuff

Comments are closed.