Hackers are believed to have successfully gained access to weeks of sensitive video and audio recordings of court hearings, including one recorded in the Children’s Court, where the protection of the identities of minors should be particularly important.
The ransomware attack occurred on the computer system of the Victoria Court Service Center in Australia and is believed to have lasted from November 1, 2023 until the network intrusion was detected on December 21, nearly two months later.
Staff first became aware of the problem when their computers were locked out on Christmas Eve and a “You have been attacked” message appeared on their screens.
The media briefing described how staff were directed to the dark web with instructions to pay the ransom without wanting the stolen material to be made public.
Courts Services Victoria (CSV) announced it was sharing details of a cyber security breach that may have been responsible, but commentators pointed their suspicions at the Qilin (also known as Agenda) ransomware-as-a-service group.
However, at the time of writing, the latest claimed victim announced on the Chilin ransomware blog is Serbian energy company EPS – which was reportedly hit by a ransomware attack just before Christmas.
In FAQs posted on its website, CSV shared some limited details of its “cyber incident” that resulted in unauthorized access to its court audio-visual technology network, admitting that prior to Nov. 1 Some hearings may also be affected – including children’s court cases due in October 2023.
Affected include the Supreme Court, Court of Appeal, Crown Division, Practice Court and two regional hearings in November. Recordings may be obtained.
CSV chief executive Louise Anderson said: “Maintaining the security of court users is our top priority. Our current focus is on ensuring the security of our systems and ensuring we notify those at hearings that recordings may be accessed.” “We are aware This will be upsetting to those attending the hearing. We recognize the distress this may cause people and apologize.”
No other court systems or records separate from the audiovisual network were allegedly accessed or affected.
The good news is that CSV said it took immediate action to isolate and deactivate the affected network and that the court hearing was not prevented from proceeding as a result of the cyber attack.
Victoria’s Acting Premier Ben Carroll said the CSV and Victoria Police were working closely to investigate the attack and encouraged anyone with useful information to share it with authorities.
