Australian Courts Attacked by Hackers

This follows a spate of recent cyber incidents in Australia.
Australian Courts Attacked by Hackers
An Australian flag flies at the Supreme Court of Victoria in Melbourne, Australia, on Oct. 27, 2023. (Melanie Sun/Susan Mortimer/The Epoch Times)
Monica O’Shea

The Victorian court system in Australia has fallen victim to a cyber attack leading to disruptions to its technology network.

The cyber incident, reported on Jan 2, took place in late December, impacting video recordings, audio recordings, and transcription services.

Media reports have emerged that Russian hackers may have been involved, using commercial ransomware.

Louise Anderson, chief executive officer of Court Services Victoria (CSV), said recordings of hearings between Nov. 1 and Dec. 21 may have been accessed.

“We understand this will be unsettling for those who have been part of a hearing. We recognise and apologise for the distress that this may cause people,” Ms. Anderson said.

“All courts have put in place arrangements so that they can continue to safely and securely hear matters while CSV re-establishes the affected network.

“We appreciate the cooperation of court users during this period.”

Hearings may have been accessed at the Supreme Court, County Court, Magistrates Court, Children’s Court, and Coroner’s Court.

However, with limited exceptions, the agency noted court and tribunal hearings are held in public and are not confidential. Despite this, unauthorised use of recordings and hearings is not legal.

Ben Carroll, who is acting Premier of Victoria at the moment, said the attack has been “well contained” in comments cited by The Herald Sun.

“Court services are now working very closely with Victoria Police on this matter. We’re very confident that we’ll get to the bottom of it,” he said.

Cyber security leader Robert Potter suggested in comments quoted by the ABC that the court system was hit by a “Russian phishing attack” using commercial ransomware.

“It’s a double extortion approach. They take the data out, and then encrypt it. If you don’t pay, they leak your data, and you will never access it,” he said.

Mr. Potter has seen evidence of the attack, according to the public broadcaster.

Court Services Victoria is now working closely with cyber security experts within the Victorian Department of Government Services.

“The cyber incident led to unauthorised access leading to the disruption of the audio visual in-court technology network, impacting video recordings, audio recordings, and transcription services,” Ms. Anderson said.

“Court Services Victoria took immediate action to isolate and disable the affected network and to put in place arrangements to ensure continued operations across the courts.

“As a result, hearings in January will be proceeding.”

Speaking further on the incident, Ms. Anderson said maintaining security for court users is the highest priority.

“Our current efforts are focused on ensuring our systems are safe and making sure we notify people in hearings where recordings may have been accessed,” she said.

In the County Court, it is believed all criminal and civil hearings recorded on the network may have been accessed between Nov. 1 and Dec. 21.

Meanwhile, in the Magistrates Court, some committals heard between the same time frame may have been retrieved.

In the Supreme Court, there is concern hearings could have been accessed at the Court of Appeal, Criminal Division, and Practice Court between Dec. 1 and Dec. 21, along with two regional hearings in November.

In the Children’s Court, only a recording that remained on the network in October may have been accessed.

A contact centre with dedicated staff has been set up by Court Services Victoria to help those seeking help and further information.

Spate Of Recent Cyber Incidents

The incident at Victoria’s courts follows a “malicious” cyber attack on Life Saving Victoria in late November, where personal information was stolen. The agency employs more than 500 staff and has greater than 37,000 members.

In addition, news emerged last week that two major Australian companies had been attacked by cyber attackers, including an automotive dealer and a probiotic drink company.

Australian Stock Exchange-listed company Eagers Automotive entered a trading halt, a temporary suspension of trading for a particular security, on Dec. 27 after a cyber outage.

In a new statement on Jan.2, the company said it can now confirm the incident involved unauthorised access to parts of the company’s IT systems by a third party.

“The extent of the operational impact of the outage is varied across regions and business units. The disruption is primarily impacting the company’s ability to finalise transactions for certain new vehicles which have been sold and are ready for delivery and some aspects of the company’s services and parts operations,” the company said.

“If the company detects that any further personal information has been impacted, affected individuals will be notified in accordance with the company’s obligations and Eagers Automotive will provide support and guidance.”

In addition, Yakult Australia was hit by a cyber incident allegedly involving the release of more than 95 gigabytes of data onto the dark web.

(Kacper Pempel/Illustration/Reuters)
(Kacper Pempel/Illustration/Reuters)

This includes business documents, credit applications, employee records, and identity documents including passports and spreadsheets.

The company released a statement dated Dec. 23, advising the public that its Australian and New Zealand IT systems had been subject to a cyber incident.

“We are currently investigating which data and systems may have been impacted. Our offices in Australia and New Zealand remain open and continue to operate,” Yakult Australia said.