Victoria’s court system has been hit by a ransomware attack that independent experts believe was orchestrated by Russian hackers.
A spokesperson for Courts of Victoria (CSV) said the hackers had accessed an area of the court system’s audiovisual archive. This means that hearing records containing witness testimony in highly sensitive cases may have been accessed or stolen.
CSV is currently working to notify those whose court proceedings were accessed by the hackers and will be setting up a contact center today for those who believe they may have been affected.
The recordings are from public hearings from November 1 to December 21, but some hearings before November may also have been affected.
The attack was discovered on December 21, just before the Christmas holidays, and resulted in staff being locked out of their computers and seeing the message “You are a PWND” on their screens.
The message directed court officials to a text file in which the hacker threatened to release files stolen from the court system and directed them to an address on the dark web for instructions on how to recover the files.
Access approximately 2 months of county court recordings
CSV said in an update Tuesday morning that county court cases were the most severely affected.
All criminal and civil hearings recorded on the network between November 1st and December 21st may have been accessed, including at least two cases related to historical and child sexual abuse. It is.
The Supreme Court was also hit hard, with recordings of the Court of Appeal, Criminal Division, Practical Court and two local hearings in November potentially accessed.
No hearings from the Children’s Court were breached in November or December, but one hearing from October may remain on the network.
Some hearings from Magistrates’ Courts were affected, but not from VCAT.
Acting Prime Minister Ben Carroll said court operations would not be affected.
“We understand that this attack is limited in nature and that all trials, all hearings, all evidence and all procedures are thoroughly protected. I am very confident that we will be able to elucidate this.”
Experts say the attack is likely to have been carried out by Russian hackers
Robert Potter, an independent cybersecurity expert who witnessed evidence of the attack, said the court system was almost certainly the victim of a Russian phishing attack using commercial ransomware known as Qilin.
“This is a double extortion technique,” he said.
“They take your data and encrypt it. If you don’t pay, your data will be compromised and you won’t be able to access it.”
A spokesperson for the Victorian Courts Service said CSV “…took immediate action to isolate and disable the affected networks and put arrangements in place to ensure continued operations across the courts.” As a result, the hearing in January will proceed.”
“Maintaining the security of our courtroom users is our top priority. Our current efforts are focused on ensuring the safety of our systems.”
This week the ABC revealed that probiotics company Yakult Australia was hit with a major cyber attack that exposed company records and sensitive employee documents, including passports, on the dark web.
Other major companies and institutions, including Optus and Medibank, have also been hit by high-profile attacks, with St Vincent’s health network also targeted ahead of Christmas.
“Australia is a target for wealthy people because it’s a modern, developed country with a lot of money,” said cyber security consultant Troy Hunt.
“Inevitably, a security flaw led to this situation.
“Companies alone can’t solve this problem, and the police can’t help either.”
Loading…