Cybersecurity—Hitting Too Close To Home

post_bombBy Steven Caponi

Last week, I was faced with yet another Friday filing deadline in my local federal district court.  By 6:30 p.m., the only thing standing between me and a much needed weekend was hitting the proverbial “Send” button to complete my filing.  For some unknown reason, however, I could not complete the filing and eventually lost my connection to the court’s electronic filing system, commonly known as PACER.  The start of my weekend quickly went from thoughts of a nice dinner with my wife, to mild panic over possibly missing a court-ordered deadline—not to mention the subsequent embarrassment of explaining to the other counsel involved in the case that I was incapable of completing a routine filing.  Close to midnight, I was able to access PACER and complete the filing just under the wire.

The following Monday, I entered the office committed to finding out what technical glitch in my Firm’s software had ruined my Friday evening.  Much to my surprise, I learned that the problem was not due to issues with our software, but rather due to a group called the European Cyber Army, who decided to scuttle my weekend by shutting down the federal judiciary’s websites.   A tweet from the group stated, “Government of the United States of America: We have taken the Liberty of Nuking your Court’s Website!”  Known for distributed denial-of-service (“DOS”) assaults, the group claims to have attacked the websites of the Syrian and Pakistani national governments, Asian and European banks, the State of Nevada, online document sharing site, and Craigslist Inc.

The DOS assault on PACER overwhelmed the system and resulted in communications slowing down to a snail’s pace before the subsequent termination of the connection.  Once the attack was noticed by the judiciary, the PACER system placed a warning on its website and a prerecorded message on its telephone hotline.  But, there were mixed messages as to whether or not the outage was caused by a cyber attack.    Almost immediately, a spokesman for the Administrative Office of the U.S. Courts stated the service problems were caused by a DOS attack and referred to the incident as a “national cyber attack on the judiciary.”  The FBI, however, told the Wall Street Journal that the problems with PACER were caused by technical issues in federal court computers rather than by a cyber attack.  The FBI quickly backtracked from this statement on Saturday and indicated it was “reassessing” its initial conclusion.

With the confusion caused by contradictory statements by the FBI and Administrative Office of the Courts, it is unclear whether the European Cyber Army launched its DOS attack on PACER to send a message to the American judiciary or if it was done specifically to scuttle my Friday dinner plans.  I do know, however, that despite extensively advising others on the need for increased cybersecurity, I did not anticipate becoming a victim myself.  All joking aside, the attack on PACER highlights several important points: (1) you never know when a cyber attack will occur; (2) the targets of cyber attacks are often chosen at random; and (3) as we increasingly transition into a society where even mundane functions (like filing scheduling order) are done electronically, cyber attacks will ensnare an increasingly larger portion of our population.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s