Officials fear that Latin American drug cartels are among those who obtained sensitive court data due to a sweeping breach of the federal judiciary’s case filing system, raising concerns that the groups will now be able to target cooperating witnesses involved in criminal trials against them.
The worry, according to three judicial officials and investigators with knowledge of the hack, is that cartels could weaponize the stolen data to identify witnesses in cases the federal government has opened against them, or to gain knowledge of impending or ongoing criminal investigations, such as sealed wiretap orders and arrest and search warrants.
POLITICO first reported on the hack, which the Administrative Office of the U.S. Courts determined was serious, in early July.
At least a dozen district courts across several U.S. states are believed to have been directly impacted by the ongoing compromise of the digital case filing system, known as CM/ECF, according to the first two people. The incident is believed to be one of the most serious hacks into the federal court filing system in years.
It’s unclear if the cartels were directly connected to each of those breaches because multiple nation-states and criminal groups are thought to have penetrated CM/ECF simultaneously, while at least some of those groups have been inside the system for years, the first two people said. All three people were granted anonymity due to the sensitivity of the issue.
It is also possible that the cartels are purchasing the data from other hackers with access to the system.
The news about the cartels gaining access to sensitive criminal court data comes as the Trump administration is ramping up the federal government’s efforts to prosecute criminal activity from Latin American drug gangs, such as Tren de Aragua, MS-13 and the Sinaloa cartel.
The New York Times reported Tuesday that Trump has signed a secret order authorizing the Defense Department to use military force against certain drug cartels.
The CM/ECF system allows legal professionals to upload and manage court documents. Some of these are kept sealed and others become available to the public via PACER, the system’s external-facing side.
One of the nation-state hacking groups with access to the system is suspected of vacuuming up all data uploaded on CM/ECF every week for months, one of the people familiar said. The group, which has retained access inside the CM/ECF system for several years, previously accessed data in a more targeted fashion but appears to have grown bolder with time, the person added.
The FBI referred questions to the Justice Department, which did not respond to a request for comment. The Administrative Office of the U.S. Courts, which manages the court’s online docketing system, did not respond to a request for comment about the hack and whether that system is secure.
President Donald Trump, soon after his return to office, designated some cartels as foreign terrorist organizations. Attorney General Pam Bondi also passed new guidance in April instructing the Justice Department to shift its priorities to prosecuting gang activity, including drug smuggling, human trafficking and violent crime.
Those activities are often prosecuted at the district court level, meaning some information on cases against the cartels would be readily available to those with access to the federal court filing system. By contrast, classified data used in national security cases is not housed on the CM/ECF system and is typically maintained as physical documents for security purposes.
“The vast majority of sensitive information that’s filed at the district courts is related to criminal actors and sophisticated criminal enterprises,” said Adam Hickey, the former deputy assistant attorney general of the Justice Department’s National Security Division. “The idea that a cartel might be following law enforcement’s tracks is very concerning.”
While nation-state hackers appear to have access to the case filing system, it is the involvement of cartels that has set off major alarm bells across the judiciary and among investigators, according to two of the people with knowledge of the hack.
Cartels are thought to be more likely to commit acts of violence on U.S. soil. They also have a large footprint in the country’s prison system, where they can potentially issue threats against government informants identified through stolen court records.
Foreign adversaries such as Iran have also hired criminal gangs in the U.S. to kill dissidents and political figures living in the country.
As of July 2022, the Justice Department was investigating another hack of the federal court system that then-House Judiciary Chair Jerry Nadler (D-N.Y.) described as “startling.” Nadler said at the time that “three” nation-state groups were involved.
It is not clear if any of those same foreign groups are involved in the most recent hack of the federal court filing systems.
The Administrative Office of the U.S. Courts vowed Thursday to increase the security of information posted to its electronic case filing system.
This has not allayed concerns by those in the federal judiciary.
One of the people familiar said their district court is working on new security policies, and they have been directed in recent days to only discuss those measures on paper or via encrypted messaging services.
The measures, while not yet finalized, are expected to involve changes to the way the court handles information on cooperating witnesses, the identities of grand jurors and plea agreements. It’ll be “any cases of foreign or cartel interest,” that person said.
In addition to not uploading sensitive new data onto CM/ECF, the second person familiar said some courts are also trying to scour already uploaded files for information that might be of interest to the cartels or foreign nation states.
Since CM/ECF is used by federal courts across the country, data uploaded by the country's 94 district courts are thought to be vulnerable, two of the people said.
The federal judiciary is trying to replace CM/ECF and PACER, and has acknowledged the system is outdated and “unsustainable due to cyber risks.” But the system overhaul could take years.