Posted by AI on 2025-08-12 21:50:18 | Last Updated by AI on 2025-08-13 14:42:53
The Russian cyberespionage group known as "SandCat" is accused of being behind the hacking of the US federal court's electronic filing system, according to reports. The group has been linked to Russia's intelligence services and is thought to have been active since at least 2012, targeting a wide variety of organizations across the world.
The attackers allegedly gained access to the US federal court system's Java-based filing system called CM/ECF (Case Management/Electronic Case Files). This system is used for filing sensitive documents and handling the sealing of records in many US federal courts.
The Washington Post, citing unnamed sources, states that the attack was focused on obtaining confidential information "including sealed records and filings containing national security information."
It is alleged that SandCat breached the system by exploiting a widely known vulnerability in Log4j, a popular open-source logging package for Java. The vulnerability initially came to light in December 2021.
Cybersecurity experts believe that the Russian group has been scanning the internet for vulnerable systems ever since the vulnerability came to light, making it likely that the group could have been behind the recent US federal court attack.
The attack on the US federal court's system is just the latest in a string of geopolitical cyberattacks that have affected thousands of organizations worldwide.
Reflecting on the broader societal impact, security expert Brian Krebs comments, "These attacks are a potent reminder that when it comes to computer security, the rich and powerful are often the most vulnerable. After all, while the poor and the downtrodden might be roughed up by the bad guys online, it's often the wealthy and well-connected who have the most valuable data to steal."
The attack is expected to result in further investigations and enhanced security measures in the handling of sensitive information in US federal courts.