The first Trump Federal Cyber Security Disaster has been arrived

Second Trump The government has its first federal cyber security to confront it.

Violation of the US Federal Judiciary Electronic Judiciary File file system, which was discovered around July 4, has led some courts to programs prepared after hacking the risky trial and possibly exposed the identity of confidential informants and witnesses in several US states.

More than a month after the discovery of the violation – and despite recent reports from the New York Times and Politico that Russia is involved in the hack – it is still unclear what has happened and which data and systems have been affected.

Politico reported for the first time in violation of “Case Management/Electronic File” or CM/ECF, the system, which may affect criminal docks, arrests and sealed indictment. The CM/ECF system also violated the Trump administration in 2020, and Politico reported on Tuesday that hackers abused software vulnerabilities that were not discovered five years ago in response to the first incident. Security researchers say the gap in public information about the situation is worrying, especially about the lack of transparency about what the data is affected.

“We have more than a month to identify this influence, and we still have no complete accounting of what is affecting,” says Jake Williams, a former NSA hacker and current vice president of research and development in the hunter’s strategy. “If we do not have enough entry to rebuild attack activities, it will be very disappointing because it has been targeted many years over the years.”

In response to a comment request, US courts cited their August 7 statement, which says the federal judiciary “takes other steps to strengthen the protection of sensitive case documents” and “further strengthen system security”. The courts also point out that “the overwhelming majority of documents registered with the judiciary’s electronic file management system are not confidential and are actually easily accessible to the public” while confirming that “some cases contain confidential or specific information that is closed publicly.”

The Ministry of Justice immediately did not respond to the requests of the violation or those who committed it.

Reports this week that Russia has participated in the attack or may be the only accused, interpreted by other signs that espionage actors supported by several countries – and possibly organized crime -organized findings – may have been involved or staged in violations of their abuse.

John Hultquist, a senior analyst at Google Threat Intelligence Group, says seeing several actors in the sensitive and potentially vulnerable system is not unusual. “The investigation is conducted regularly by cyber respect from several countries,” he says.

News of the violation comes as the Trump administration has continued to reduce the federal labor force, including combing information and cyber security agencies to eliminate officials or pressure them to resign.

“I think federal researchers probably know who was behind the attack, but given the weather, I think no one wants to say confidently,” says Williams.

Numerous offices have been trying to launch an insidious espionage, especially campaigns carried out by Chinese and Russian actors. But the researchers emphasize that the vulnerability of the possibility of attacking CM/ECF should be considered after 2021 violations.

“Implementation of policies to need to use sealed or highly sensitive documents through fatty air or safe networks instead of CM/ECF or Pacer will be limited to significant exposure,” said Pack, a senior threat at Securonix Cyber Security Company. “Creating a consistent and centralized login – among other things – all different cases of CM/ECF can enable previous diagnosis and rapid decrease before the data exacerbated as much as it is done.”

In other words, highly targeted systems such as US courts are likely to be violated. But the best way to reduce the likelihood and severity of these attacks is to make sure the defects will be resolved after the first case of abuse.