Tag Archive for: court

Court delays mount 2 weeks into ransomware attack on Colorado public defender’s office – Greeley Tribune


The Office of the Colorado State Public Defender remains crippled by a ransomware attack two weeks after the malware first forced the statewide agency to disable its computer systems — and the shutdown is raising growing concern across the state court system as delays mount.

Most public defenders have regained access to their computers, court filings and “some client files” since the ransomware was discovered Feb. 9, but “more work is necessary to return to normal operations,” the agency said in a statement Friday.

Officials with the public defender’s office refused to say how much money was demanded in the ransomware attack, in which criminals blocked access to some of the agency’s files and demanded payment to restore that access.

They also have not said whether the office will pay the ransom, when the agency expects to once again be fully operational, what kind of information was breached, and whether the personal information of attorneys, witnesses or victims of crime was exposed.

Public defenders this week still could not effectively represent their clients in court in most cases, said 18th Judicial District Attorney John Kellner, who serves as the elected prosecutor in Arapahoe, Douglas, Elbert and Lincoln counties.

“It’s reminiscent of the COVID slowdowns a couple years ago,” he said. “We have public defenders asking for continuances or resetting trials on most matters.”

In the week after the attack, the statewide number of rescheduled hearings jumped by nearly 600 compared to the previous week, according to data provided by the Colorado Judicial Department. Hearings were rescheduled in about 3,300 cases across the state in the week before the attack, which increased to about 3,900 cases during the first full week that the public defender’s office was dealing with the ransomware — an 18% jump.

The longer the public defender’s office is non-operational, the more of a problem the repeated rescheduling becomes, said 16th Judicial District Chief Judge Mark MacDonnell.

“I don’t think we’ll be able to continue on this path for a long time,” he said. “It’s been two weeks and it’s getting to the point where if it’s not solved,…

Source…

Kansas court system nears ransomware recovery completion


Total recovery from a Russian ransomware attack in October at Kansas’ court system was noted to be imminent by state Supreme Court Chief Justice Marla Luckert following this week’s restoration of its case management system and free public portal for electronic court records, according to The Record, a news site by cybersecurity firm Recorded Future.

While electronic filing is expected to be completely restored during the next two weeks, more advanced defenses have already been set in place to expedite recovery of systems that could be impacted by a future ransomware attack, said Luckert during a State of the Judiciary speech before the state legislature. Luckert also emphasized that ransomware recovery efforts were not accelerated to ensure the safety of its citizens after confirming claims that data had been stolen from its systems.

“As these and other details emerged, it became clear we needed to implement alternative business practices to keep courts running. Courts across the state reverted to old school methods, including paper filings. We communicated to the public about how we used the paper environment,” said Luckert.

Source…

‘It’s not ideal’: Kansas lawmakers talk security incident that took down online court access


TOPEKA — A dragon spitting fire at the Kansas statehouse, depicted in a Vincent Van Goh style, illuminated the possibilities of Artificial Intelligence to lawmakers during a Wednesday meeting.

An overview of AI creative designs provided some levity before legislators turned to discussion of the state’s changing internet landscape — one that IT officials have repeatedly warned needs to be better secured.

“I’d like to improve our ability to respond and recover from cyber incidents, including testing, tracking and training for known unlikely eventualities,” said Michael Murphy, security engineer with the Kansas Legislative Office of Information Technology.

Murphy said he and other legislative IT staff would look into system security upgrades and improvements before the upcoming legislative session.

“The first priority right now is security awareness training,” Murphy said. “Like I said, the biggest point of failure is going to be the people. So we need to make sure everybody’s trained up on how to do things properly.”

The renewed discussion on internet security comes after a “security incident” that shut down online operations for most of the state’s courts. Kansas’ judicial branch publicly announced the issue on Oct. 12, later indicating that clerks in 104 counties were unable to receive online filings. The Johnson County District Court, which operates its own e-filing and case management system separately from the state, is the only state district court not affected.

While courts are still operating, all filings have to be submitted in paper. The investigation into the incident is ongoing, with little information publicly released.

“We also have to figure out how to stop these bad actors from doing things that screw everything up, like they’ve done in judiciary,” said committee lawmaker Rep. Barb Wasinger, R-Hays, before lawmakers withdrew to speak privately about judiciary IT security during an executive session.

Though last year’s risk assessment of the state’s court system has been earmarked as confidential, previous audits of several state agencies have shown several weaknesses. A cybersecurity…

Source…

Silent cyber coverage here to stay? New Jersey Appellate Court rejects insurers’ attempt to expand scope of the war exclusions to cyber claims


The War and Hostile Action Exclusions have been standard exclusions in property and general liability policies for decades. With the rise of cyber claims, insurers have turned to these exclusions to deny coverage where the bad actor may have governmental roots. In a win for policyholders, the New Jersey Appellate Division rejected the insurers’ attempt to deny coverage and held that the hostile/warlike action exclusion did not apply to non-military, cyber-attack claims. See Merck & Co. v. ACE American Insurance Co.1 This ruling affirms the traditional scope of these exclusions and establishes that coverage under a commercial property policy for property damage caused by cyber-related incidents, colloquially known as “silent cyber” coverage, persists.

Merck & Co. v. ACE American Insurance Co.

On June 27, 2017, New Jersey pharmaceutical company, Merck & Co. (“Merck”), suffered a cyber-attack that left thousands of Merck’s computers damaged and encrypted by the malware known as NotPetya. The malware caused large-scale disruption to Merck’s business, resulting in $699,475,000 in losses. Although the exact origin of the malware was unknown, it was believed to have originated from the Russian Federation.

Merck tendered the claim to its all-risk property insurance carriers. The insurers reserved their right to deny coverage pursuant to hostile/warlike action exclusions and then subsequently denied coverage. Specifically, these exclusions exclude coverage for “loss or damage caused by hostile or warlike action” which was caused by “any government or sovereign power . . . or by military, naval or air forces . . . or by an agent of such government . . . .”2 The insurers argued that the word “hostile” should be broadly read to mean any antagonistic, unfriendly, or adverse action by a government or sovereign power, including the Russian Federation. Rejecting the insurers’ argument, the trial court held that the hostile/warlike action exclusions were inapplicable to the NotPetya related claims. The insurers appealed.

The New Jersey Court of Appeals Narrowly Construed the Hostile/Warlike Action Exclusion

On appeal, the Court looked to the plain and ordinary…

Source…