Ransomware Group Steals Australian Courts' Video RecordingsHackers Lock Up Recordings of Court Hearings to Extort Victoria's Court System
The court system of the Australian province of Victoria said it had experienced a cybersecurity incident in late 2023 that gave hackers access to the video recordings of proceedings at multiple courts, including the Supreme Court and the County Court.
Court Services Victoria said it had learned on Dec. 21 that hackers gained unauthorized access to its audio and visual in-court technology network and had accessed video and audio recordings stored on the network.
Court Services Victoria said the incident occurred Dec. 8 and gave hackers access to stored video recordings made between Nov. 1 and Dec. 21. These included recordings of hearings at the Supreme Court, the County Court, the Magistrates' Court and the Coroners Court. The hackers also accessed a recording from the Children's Court.
According to ABC News, the cybersecurity incident came to light on Dec. 21 when malicious actors had locked CSV staff out of their computers and displayed the message "YOU HAVE BEEN PWND" on their screens. Staff were directed to a text file where the hackers had provided directions on how CSV could regain access to the stolen recordings.
The Supreme Court of Victoria said Tuesday that the compromised data includes recordings of hearings at the Court of Appeal, Criminal Division and the Practice Court between Dec. 1 and Dec. 21. The court said all affected parties in hearings will be notified shortly.
Louise Anderson, chief executive officer of the court, did not reveal the nature of the attack but said the department had been able to isolate the affected network and could confirm that the unauthorized access had been restricted to recordings stored on the network.
"We understand this will be unsettling for those who have been part of a hearing. We recognize and apologize for the distress that this may cause people," Anderson said. "Maintaining security for court users is our highest priority. Our current efforts are focused on ensuring our systems are safe and making sure we notify people in hearings where recordings may have been accessed."
Anderson did not share the court's efforts to regain access to the compromised recordings but said changes are being made to hearing arrangements and will be announced shortly.
Anderson said the hackers had breached a single computer system that manages only audiovisual recordings for all court jurisdictions. "The system holds recordings for around 28 days, so the primary investigation period is Nov. 1 to Dec. 21, which is when we identified the problem and isolated and disabled the affected network," she said.
Court Services Victoria is working with cybersecurity experts in the Victorian Department of Government Services and IDCARE, Australia's national identity and cyber support community service, to respond to the incident.
"CSV is not currently aware of any recordings being released but will notify the relevant authorities should this occur. Maintaining security for court users is our highest priority, and we recognize and apologize for the distress this incident may cause," Anderson said.
The Australian Cyber Security Center said in a report in November that federal, state and local governments had experienced 43.5% of all reported cybersecurity incidents over the past year. The Australian Signals Directorate, the country's premier intelligence agency, said it had responded to 118 extortion-related incidents in 2023 that involved criminals using ransomware or other means to restrict access to systems, files or accounts.