NetworkTigers explains what happened in the San Joaquin court cyber incident.
San Joaquin County, CA, is home to nearly 800,000 residents served by the San Joaquin County Superior Court. The court system handles traffic incidents, divorce and custody issues, landlord-tenant disputes, homeless services, criminal cases, fish and game, small claims, and more. However, as of Wednesday, October 30, online services for the San Joaquin County Superior Court have been taken offline by an ongoing cyber incident. This hack comes on the heels of a series of devastating ransomware attacks that have caused weeks-long shutdowns and delays in similar social services systems throughout California.
What got shut down in the California court hack
The following services were affected due to the recent San Joaquin court cyberattack:
- Court hearings scheduled for remote appearance on October 30, 2024 were rescheduled.
- Jurors summoned for the week of October 28 and in groups 138 through 150 were excused.
- Phone and fax services for the court system are offline.
- Juror reporting information and instructions are not available.
- Remote appearances are not available.
- E-filing, traffic ODR, and support tickets are offline.
- The Court website and online services are not available.
- Credit card processing and fee payments are down.
Manual workarounds are in place, and in-person services at all court locations are still functioning. The Stockton courthouse was closed the prior month due to an unrelated bomb threat but has since been reopened.
There is currently no timeline announced for the restoration of online court services.
What happened in the San Joaquin court cyber incident
No hacking group has yet taken responsibility for the hack, and the court system has announced it is working with third-party remediators to regain online functionality. A court spokesperson announced, “San Joaquin County Superior Court has been working diligently to investigate connectivity issues that have impacted some of our system. We have determined these issues to be the result of a cybersecurity incident. We took immediate and proactive steps to contain the event, which included isolating our systems from the internet. As a result, part of our network remains offline.”
It has not been announced whether or not system data and personal information have been compromised due to the cyber intrusion. It is also unconfirmed what caused the incident.
Recent similar ransomware attacks in CA
Social service and legal systems within California have been hit by a recent spate of cybercrime that has taken multiple crucial services offline. Just one day after the San Joaquin court hack, the Housing Authority of the City of Los Angeles confirmed it was victimized by a successful ransomware attack. This is the second recent attack on the system, one of the nation’s largest public housing authorities, since the 2023 Lockbit ransomware breach.
The Cactus ransomware gang, known for exploiting VPN vulnerabilities, has taken responsibility for the LA Housing Authority ransomware attack the same week as the San Joaquin cyber incident. The hacking group claims to have stolen over 861 GB of data, including personally identifying information, database backups, executive and employee personal data, corporate confidential documents, financial data, and correspondence.
Just several months prior, the Los Angeles County Superior Court, the largest trial court in the country, was also taken offline in a cyber incident that resembles the San Joaquin County Superior Court incident. In the LA court hack, all 36 courthouses in the county were affected by a ransomware attack. While the timing was similar to the CrowdStrike software update, the incidents were reportedly unconnected. The court system declined to answer if it paid a ransom to resolve functionality and whether or not confidential information was exposed, lost, or stolen.
The LA Superior Court ransomware hack not only took down online systems but also halted transportation of inmates, suspended eviction notices and move-out orders, delayed releases from juvenile hall, rescheduled child support hearings, delayed conservatorship hearings from the Department of Mental Health, and diverted emergency matters like warrants and removal orders to the Department of Children and Family Services’ court magistrate.
Meanwhile, just 30 minutes south of San Joaquin County, the police department of Modesto, CA, was hacked by ransomware gang Snatch last year. The hackers accessed names, addresses, Social Security numbers, driver’s license numbers, state ID numbers, and medical information and shut down police car laptops.
What comes next for San Joaquin County?
Ransomware crimes and cyber shutdowns from hacking gangs are usually financially motivated crimes, but they also often have another goal: disruption. For this reason, many hackers that target public services are funded or otherwise tacitly supported by foreign actors. At times, the chaos that a cybercrime causes may be one of the main reasons an organization is targeted. Attacks like these on public services, such as cyber crimes on water utilities, hospitals, electric grids, public transportation, and more, can sow panic and cause significant financial loss even if the ransom is never paid and functionality is ultimately restored.
California law requires businesses and state and local agencies to report ransomware attacks. California residents must be notified if their personal information has been stolen or accessed by unauthorized persons. The LA Superior Court ransomware hack is currently under criminal investigation to understand how the breach happened, the scope of the intrusion, what kinds of data were involved, and whether or not a ransom was paid with public funds. It is reasonable to believe that a similar investigation will take place in San Joaquin County to understand further how hackers can breach these vital public systems.
About NetworkTigers
NetworkTigers is the leader in the secondary market for Grade A, seller-refurbished networking equipment. Founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms, NetworkTigers provides consulting and network equipment to global governmental agencies, Fortune 2000, and healthcare companies. www.networktigers.com.
All articles sponsored by NetworkTigers.
