The US Judiciary is going decidedly low-tech in an effort to protect important information in the wake of the SolarWinds attack.
The SolarWinds attack was one of the most devastating hacks the US has experienced. Multiple government agencies were compromised, with the federal Judiciary suspected to be among them.
The attack was so successful because it was a supply chain attack. Rather than attacking individual target organizations, a supply chain attack relies on compromising a legitimate piece of software up the supply chain, installing a trojan and then gaining access to all the organizations that use the software in question. In this example, the compromised software was SolarWinds’ Orion IT monitoring and management software, used by government agencies and corporations alike.
In the wake of the attack, access to public documents will not be impacted, but the Judiciary is taking no chances with sensitive documents.
Under the new procedures announced today, highly sensitive court documents (HSDs) filed with federal courts will be accepted for filing in paper form or via a secure electronic device, such as a thumb drive, and stored in a secure stand-alone computer system. These sealed HSDs will not be uploaded to CM/ECF. This new practice will not change current policies regarding public access to court records, since sealed records are confidential and currently are not available to the public.
These extraordinary measures are the latest indication of the damage and impact the SolarWinds attack has had on public and private institutions.