Cybersecurity Breach Shuts Down LA Superior Court Network Systems

cover
29 Jul 2024

Los Angeles, CA – July 21, 2024 – The Los Angeles Superior Court experienced an unprecedented ransomware attack on Friday, July 19, 2024, leading to the shutdown of all 36 courthouse locations across the county. The breach, which occurred in the early hours of the morning, necessitated the immediate disabling of nearly all network systems to contain the damage and protect sensitive information.

Incident Details

The ransomware attack on the Los Angeles Superior Court began early on Friday, July 19, targeting both internal and external systems, including the MyJuryDuty portal and case management systems. The court's cybersecurity division promptly detected the attack and shut down the network to prevent further damage. This swift action, while necessary, significantly disrupted services, making critical systems inaccessible and affecting juror communications.

In response, the court collaborated with the California Governor's Office of Emergency Services and various law enforcement agencies to investigate the breach and assess the damage. Preliminary findings indicate no compromised user data, though the investigation is ongoing. Despite the immediate response, many systems remained offline, leading court officials to close all courthouses on Monday, July 22, to allow IT experts additional time to safely restore operations.

Presiding Judge Samantha P. Jessner emphasized the court's heavy investment in cybersecurity, which facilitated the rapid containment of the attack. The court expects to resume normal operations by Tuesday, July 23, after ensuring all systems are secure. This incident underscores the persistent threat of cyberattacks and the need for robust cybersecurity measures. The court clarified that this attack is unrelated to the recent global disruption caused by a faulty CrowdStrike update.

Ongoing Response and Recovery

Throughout the weekend, efforts to restore and recover the affected systems were underway. As of Sunday evening, many critical systems remained offline. However, court officials are optimistic about reopening by Tuesday, July 23, 2024. The additional time is intended to allow the court’s team of experts to focus exclusively on bringing systems back online as quickly and safely as possible.

The Los Angeles Superior Court is working closely with the California Governor's Office of Emergency Services, as well as local, state, and federal law enforcement agencies, to investigate the incident and assess its impact. Preliminary investigations indicate no evidence that court user data has been compromised.

Impact on Court Operations

The shutdown affected all 36 court facilities, halting court operations and services temporarily. The court’s website, including the MyJuryDuty portal, displayed error messages indicating the extent of the disruption. Court officials emphasized their commitment to restoring services and resuming operations as expeditiously as possible.

Officials clarified that the ransomware attack on the Los Angeles Superior Court is unrelated to the recent global disruption caused by a faulty CrowdStrike update, which affected Windows systems worldwide around the same time.

Cybersecurity Measures

The court credited its swift detection and immediate response to the attack to its significant investment in cybersecurity and the expansion of its cybersecurity team. This incident highlights the critical importance of robust cybersecurity measures and ongoing vigilance against evolving cyber threats. Tools like NAKIVO Backup and Replication play a vital role in ensuring data protection and rapid recovery, further emphasizing the need for comprehensive cybersecurity strategies in today’s digital landscape.

About Los Angeles Superior Court

The Los Angeles Superior Court is the largest trial court in the United States, with over 4,800 employees operating in 41 court facilities across 26 cities in Los Angeles County. The court serves a population of over 10 million people.