The Victorian court system in Australia has fallen victim to a cyber attack leading to disruptions to its technology network.
The cyber incident, reported on Jan 2, took place in late December, impacting video recordings, audio recordings, and transcription services.
Media reports have emerged that Russian hackers may have been involved, using commercial ransomware.
Louise Anderson, chief executive officer of Court Services Victoria (CSV), said recordings of hearings between Nov. 1 and Dec. 21 may have been accessed.
“All courts have put in place arrangements so that they can continue to safely and securely hear matters while CSV re-establishes the affected network.
“We appreciate the cooperation of court users during this period.”
Hearings may have been accessed at the Supreme Court, County Court, Magistrates Court, Children’s Court, and Coroner’s Court.
However, with limited exceptions, the agency noted court and tribunal hearings are held in public and are not confidential. Despite this, unauthorised use of recordings and hearings is not legal.
“Court services are now working very closely with Victoria Police on this matter. We’re very confident that we’ll get to the bottom of it,” he said.
“It’s a double extortion approach. They take the data out, and then encrypt it. If you don’t pay, they leak your data, and you will never access it,” he said.
Mr. Potter has seen evidence of the attack, according to the public broadcaster.
Court Services Victoria is now working closely with cyber security experts within the Victorian Department of Government Services.
“The cyber incident led to unauthorised access leading to the disruption of the audio visual in-court technology network, impacting video recordings, audio recordings, and transcription services,” Ms. Anderson said.
“Court Services Victoria took immediate action to isolate and disable the affected network and to put in place arrangements to ensure continued operations across the courts.
“As a result, hearings in January will be proceeding.”
Speaking further on the incident, Ms. Anderson said maintaining security for court users is the highest priority.
“Our current efforts are focused on ensuring our systems are safe and making sure we notify people in hearings where recordings may have been accessed,” she said.
In the County Court, it is believed all criminal and civil hearings recorded on the network may have been accessed between Nov. 1 and Dec. 21.
Meanwhile, in the Magistrates Court, some committals heard between the same time frame may have been retrieved.
In the Supreme Court, there is concern hearings could have been accessed at the Court of Appeal, Criminal Division, and Practice Court between Dec. 1 and Dec. 21, along with two regional hearings in November.
In the Children’s Court, only a recording that remained on the network in October may have been accessed.
Spate Of Recent Cyber Incidents
The incident at Victoria’s courts follows a “malicious” cyber attack on Life Saving Victoria in late November, where personal information was stolen. The agency employs more than 500 staff and has greater than 37,000 members.In addition, news emerged last week that two major Australian companies had been attacked by cyber attackers, including an automotive dealer and a probiotic drink company.
In a new statement on Jan.2, the company said it can now confirm the incident involved unauthorised access to parts of the company’s IT systems by a third party.
“The extent of the operational impact of the outage is varied across regions and business units. The disruption is primarily impacting the company’s ability to finalise transactions for certain new vehicles which have been sold and are ready for delivery and some aspects of the company’s services and parts operations,” the company said.
“If the company detects that any further personal information has been impacted, affected individuals will be notified in accordance with the company’s obligations and Eagers Automotive will provide support and guidance.”
In addition, Yakult Australia was hit by a cyber incident allegedly involving the release of more than 95 gigabytes of data onto the dark web.
This includes business documents, credit applications, employee records, and identity documents including passports and spreadsheets.
The company released a statement dated Dec. 23, advising the public that its Australian and New Zealand IT systems had been subject to a cyber incident.
“We are currently investigating which data and systems may have been impacted. Our offices in Australia and New Zealand remain open and continue to operate,” Yakult Australia said.
