Cyberattackers breach trove of Victoria court recordings The Register

The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed.
The incident began on December 8 and attackers may have accessed hearings between November 1 and December 21, with a small number of recordings generated before this range also potentially compromised.
Different courts within the system were affected to varying degrees.
The Supreme Court of Victoria, aside from two regional hearings in November, only had recordings accessed between December 1 and 21, for example.
Others like the County Court, Magistrates' Court, and Coroners Court may have had recordings accessed starting from November 1.
The Children's Court had no recordings accessed other than one hearing from October that may have remained on the affected network.
CSV's audiovisual network is independent of its other systems, meaning employee and financial data are unaffected, and there was no impact on the running of the courts.
Erson also suggested that at least some of the recordings that cybercriminals may have accessed could have compromised those who have had their identity protected by court orders or legislation.
In addition to contacting affected individuals directly, CSV has established a contact center for anyone to request further support about the break-in.
The restoration of the affected systems, which were taken offline after detecting the intrusion, is ongoing but will also include additional improvements to the security of the courts' IT infrastructure, we'e told.
Cybersecurity experts from the Victorian Department of Government Services are involved, while the Victoria Police, Victoria Legal Aid, and the Office of Public Prosecutions are also helping to investigate the most sensitive aspects.
The CSV hasn't yet commented on who or what group may be behind the attack, nor has it confirmed it to be ransomware in nature.
The wording of the incident disclosure, coupled with statements from experts, suggest ransomware may have been deployed.
Speaking to ABC News, security expert Robert Potter said the attack is likely the work of the Russia-based Qilin ransomware group.
Potter, who has reportedly seen evidence of the assault, confirmed the attackers are adopting a double extortion approach.
Qilin is yet to claim the attack on its leak site, but double extortion scenarios involve the group threatening to leak the stolen data if a ransom demand isn't met.
If the incident is playing out as Potter says, it means the court recordings may be leaked online if CSV refuses to meet the attacker's demands.
Given the potentially sensitive nature of the hearings affected by the incident, it's also not unheard of for ransomware leaders to intervene and prevent the leaking of data on moral grounds.
The country is also part of the International Counter Ransomware Initiative, which is working toward a joint pledge to refuse ransom payments at the government level.
High-profile attacks on organizations such as Medibank and Optus are thought to have inspired the plans to ban ransom payments, while also prompting the Australian government to set its sights on becoming a world leader in cybersecurity by 2030.


This Cyber News was published on go.theregister.com. Publication date: Tue, 02 Jan 2024 17:13:05 +0000


Cyber News related to Cyberattackers breach trove of Victoria court recordings The Register

Cyberattackers breach trove of Victoria court recordings The Register - The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed. The incident began on December 8 and attackers may have accessed hearings between November ...
11 months ago Go.theregister.com
Hackers breach Australian court hearing database - The court system for Australia's second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria, an administrative body that supports the operations of the ...
11 months ago Therecord.media
Victoria court recordings exposed in reported ransomware attack - Australia's Court Services Victoria is warning that video recordings of court hearings were exposed after suffering a reported Qilin ransomware attack. CSV is an independent statutory authority that provides services to Victoria's court systems, ...
11 months ago Bleepingcomputer.com
Australian Court Service Hacked, Hearing Recordings at Risk - Court cases and tribunals in Australia have been impacted by a cybersecurity incident, with attackers potentially accessing recordings of hearings, according to the Court Services Victoria. The CSV revealed the incident in a statement on January 2, ...
11 months ago Infosecurity-magazine.com
Records of Crucial Cases May Have Been Compromised by a Cyberattack on Victoria's Court System - An independent expert believes that ransomware was used to assault Victoria's court system and that the attack was coordinated by Russian hackers. According to a representative for Court Services Victoria, hackers gained access to a portion of the ...
11 months ago Cysecurity.news
2023 Year in Review: The U.S. Supreme Court's Busy Year of Free Speech and Tech Cases - The U.S. Supreme Court has taken an unusually active interest in internet free speech issues. EFF participated as amicus in a whopping nine cases before the court this year. The court decided four of those cases, and decisions in the remaining five ...
11 months ago Eff.org
CVE-2015-3156 - The _write_config function in trove/guestagent/datastore/experimental/mongodb/service.py, reset_configuration function in trove/guestagent/datastore/experimental/postgresql/service/config.py, write_config function in ...
7 years ago
The Week in Ransomware - With it being the first week of the New Year and some still away on vacation, it has been slow with ransomware news, attacks, and new information. Last weekend, BleepingComputer tested a new decryptor for the Black Basta ransomware to show how it ...
11 months ago Bleepingcomputer.com
Russian hackers believed to be behind cyber attack on Victoria's court system - Victoria's court system has been hit by a ransomware attack, which an independent expert believes was orchestrated by Russian hackers. A spokesperson for Court Services Victoria said hackers accessed an area of the court system's audio-visual ...
11 months ago Abc.net.au
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
10 months ago Securityzap.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
11 months ago Securityboulevard.com
Australia Victoria State Court System data breach by Russia - Recently, the court systems of Victoria State in Australia fell victim to a cyberattack, and suspicions point towards a Russian ransomware gang. The IT staff of the court systems reported a fraudulent infiltration on December 21, 2023, revealing that ...
11 months ago Cybersecurity-insiders.com
EFF Helps News Organizations Push Back Against Legal Bullying from Cyber Mercenary Group - For the last several months, there has emerged a campaign of bullying and censorship seeking to wipe out stories about the mercenary hacking campaigns of a less well-known company, Appin Technology, in general, and the company's cofounder, Rajat ...
10 months ago Eff.org
It's Time For Lawmakers to Listen to Courts: Your Law Regulating Online Speech Will Harm Internet Users' Free Speech Rights - Despite a long history of courts ruling that government efforts to regulate speech online harm all internet users and interfere with their First Amendment rights, state and federal lawmakers continue to pass laws that do just that. Three separate ...
5 months ago Eff.org
EFF Continues Fight Against Unconstitutional Geofence and Keyword Search Warrants: 2023 Year in Review - EFF continues to fight back against high-tech general warrants that compel companies to search broad swaths of users' personal data. In 2023, we saw victory and setbacks in a pair of criminal cases that challenged the constitutionality of geofence ...
1 year ago Eff.org
International Criminal Court systems breached for cyber espionage - The International Criminal Court provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation for espionage purposes. The intergovernmental organization disclosed the breach on September 19, a few days ...
1 year ago Bleepingcomputer.com
When It Comes to January 6 Lawsuits, a Court Splits Donald Trump in Two - Donald Trump, the president, may well be immune from any civil action for allegedly inciting an attack against the US Capitol on January 6, 2021. The candidate, is not, an appellate court in the District of Columbia says. "When a first-term President ...
1 year ago Wired.com
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
Victory! Montana's Unprecedented TikTok Ban is Unconstitutional - A federal court on Thursday blocked Montana's effort to ban TikTok from the state, ruling that the law violated users' First Amendment rights to speak and to access information online, and the company's First Amendment rights to select and curate ...
1 year ago Eff.org
DNA testing: What happens if your genetic data is hacked? - The personal information of millions of people who sent swabs of their DNA to consumer testing services have been leaked in high profile hacks in recent years, leading to questions about how secure that genetic data is. In autumn 2023, a hacker ...
10 months ago Packetstormsecurity.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com
CVE-2023-52780 - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm ...
7 months ago Tenable.com
CVE-2024-47716 - In the Linux kernel, the following vulnerability has been resolved: ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernels built with clang/LLD 17.0.6: BUG: unsupported FP ...
2 months ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)