The largest trial court in the United States, the Superior Court of Los Angeles County, closed all 36 courthouse locations on Monday to restore systems affected by a Friday ransomware attack.
The attack, which has not yet been claimed by a ransomware operation, affected the entire network of the Los Angeles Superior Court. This includes external systems like the MyJuryDuty Portal and its website and internal systems like the case management systems.
“With many of the Court’s network systems still inaccessible as of Sunday evening, the Court will close tomorrow in order to provide one additional day to get essential networks back online,” a statement issued on Sunday reads.
“At this time, the Court does not anticipate being closed beyond Monday, July 22. The Court is confident the closure will not exceed one day as it continues to make progress and overcome obstacles.”
The attack was disclosed on Saturday when the Court revealed that it started early Friday morning, July 19. The Los Angeles Superior Court (LASC) said the incident was unrelated to the ongoing worldwide outage impacting Windows systems after a faulty CrowdStrike update.
LASC was forced to immediately disable all network systems after discovering the attack to contain the breach—these devices will likely remain offline at least until Tuesday while they are restored and brought back online.
The Court added that it found no evidence that any data on the breach systems was compromised and that it’s currently working with the California Governor’s Office of Emergency Services (CALOES) and local, state, and federal law enforcement agencies to investigate the incident and assess its impact.
“The Court experienced an unprecedented cyber-attack on Friday which has resulted in the need to shut down nearly all network systems in order to contain the damage, protect the integrity and confidentiality of information and ensure future network stability and security,” Presiding Judge Samantha P. Jessner said.
“While the Court continues to move swiftly towards a restoration and recovery phase, many critical systems remain offline as of Sunday evening. One additional day will enable the Court’s team of experts to focus exclusively on bringing our systems back online so that the Court can resume operations as expeditiously, smoothly and safely as possible.”
The Los Angeles Superior Court, the largest trial court in the United States, has over 4,800 employees and operates 41 court facilities in 26 cities across the County of Los Angeles, serving a population of over 10 million.
In July 2017, Texas man Oriyomi Sadiq Aloba hacked LASC’s computer systems using employee credentials stolen in a phishing attack. He later used this account to steal other LASC employees’ credentials in spear-phishing attacks and used their compromised accounts to send over two million phishing emails impersonating high-profile companies such as Wells Fargo and American Express.
Aloba was sentenced in October 2019 to 145 months in prison and ordered by U.S. District Judge R. Gary Klausner to pay $47,479 in restitution.
Source: www.bleepingcomputer.com