Editorial: Cyberattack on court system is frustrating and familiar
Share this post:
Cyberattacks on essential services are happening more often.
Hackers have hit at financial institutions. They have struck hospitals. In 2021, a ransomware attack on Colonial Pipeline affected the nation’s natural gas supply.
While these things might seem like the stuff of suspenseful TV shows or James Bond movies, they aren’t. They are becoming all too commonplace and ever closer to home.
In 2023, there was an attack on the Municipal Water Authority of Aliquippa by Iranian-backed hackers. Washington County is recovering from a crippling strike at its computer systems in January.
On Sunday, Pennsylvania Supreme Court Chief Justice Debra Todd issued a statement about an attack on the Pennsylvania Courts website.
Identified the same day, it is being investigated by the U.S. Department of Homeland Security, the FBI and the federal Cybersecurity and Infrastructure Security Agency. That is great as it is clearly being taken seriously.
In some ways, it is an attack without much in the way of weapons. No data was affected. Court offices were not closed.
But what is troubling is the means of the attack. It wasn’t done with all the things we are cautioned to suspect. Todd’s statement doesn’t point to a stolen password or a phishing scheme or any of those sneaky backdoor viruses.
No. This was just use — overwhelming knocks at the website’s virtual door.
“According to (CISA), a denial-of-service cyberattack occurs when malicious actors flood the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users,” the statement said.
In other words, a massive glut of attempts to use the site were made, causing a collapse.
It’s the kind of real-world thing that happens to sites when something becomes popular and causes a run of traffic. Taylor Swift fans caused the Ticketmaster site to crash when they streamed in for tickets. When the new season of “Stranger Things” dropped in 2022, the same thing happened to Netflix.
But this isn’t about excited, legitimate users rushing to do real business. It is about coordinated attacks — often involving armies of bots. If you think this doesn’t involve you or your personal cybersecurity, that’s where you are wrong. An infected device like the one in your pocket or on your desk could be dragooned into these attacks without your knowledge, making you as much of a victim as the organization targeted.
Experts say this can be hard to address because of the number of devices involved. Antivirus software company McAfee calls denial-of-service attacks “one of the more troubling areas in cybersecurity.”
Shutting down something like the ability to use online docket sheets, pay court fees or file paperwork might not sound that scary. Involvement with court system isn’t like your bank account or your water bill. It isn’t something everyone uses every day.
But the scary thing is the ease of affecting so important an agency — and how frustratingly frequent these attacks are becoming.