Texas Supreme Court Website Is the Latest Victim of a Ransomware Attack

By Joseph Fawbush, Esq. on May 18, 2020 | Last updated on August 10, 2021

Earlier this year the FBI notified law firms to be on the lookout for ransomware attacks. With troves of potentially valuable data, law firms can pose a tempting target for hackers. Law firms throughout the country have been victimized. Now, it appears that courts throughout the U.S. should also be on their guard after a cyberattack left the Texas Supreme Court website offline.

The Texas Office of Court Administration (OCA), a unique state branch of the Texas Supreme Court, said that sensitive data was not stolen in the attack. In a typical ransomware attack, a downloaded file is used to encrypt information stored on a device or server, which prevents anyone from accessing it without an encryption key. The attacker then requests a fee for providing the key.

Damage Is Limited

The Texas OCA, in a press release, said that a lot of its information is stored in the cloud. Cloud services usually retain previous versions of files, so that can mitigate the damage in a ransomware attack. Filings have continued in the wake of the attack, and a separate website has been set up. The Texas judiciary will not pay the ransom.

While an inopportune time to be down, the damage in this case was limited. The txcourts.gov website remains down as of the time of this writing, but an alternative website was set up. Lawyers can still use eFileTexas and the public has access to court records through SearchTX.

Like courts throughout the country, Texas has shifted to remote hearings. However, the Texas OCA said that the attack was unrelated to remote hearings or actions the court has taken as a result of the pandemic. Ransomware is most commonly hidden in email attachments posing as something innocuous. Ransomware can be hidden in PDFs, Word documents, and other commonly attached email files.

Mostly Business as Usual

Lawyers and press discovered something was wrong when the Texas Supreme Court failed to release its opinions on Friday, May 8, per usual. The OCA revealed the attack in a press release the following Monday. The Texas Department of Information Resources and state law enforcement are investigating the attack.

Hopefully, this attack will mostly serve as a reminder to courts and law firms alike that cybersecurity must remain an essential priority, particularly considering how essential functioning technology is to many law firms' survival.

Related Resources

Copied to clipboard