Cyberattack shuts down Colorado public defenders office
pEEditionppSign up for email newslettersppppSign up for email newslettersppEEditionpp
Trending ppA cyberattack on the Office of the Colorado State Public Defender forced the agency to shut down its computer network locking public defenders across the state out of critical work systems and prompting attorneys to seek delays in their court casesppOffice spokesman James Karbach confirmed the breach in a statement Monday saying officials recently became aware that some data within our computer system was encrypted by malwareppKarbach did not say how long the public defenders office expects to be shut down or when the attack happened but internal emails reviewed by The Denver Post indicate the statewide office is effectively nonoperational and the outage could last as long as a weekppColorado public defenders do not have access to their work computers are unable to access court dockets or court filings and cant do any significant work for clients in court according to emails sent to the offices staffppThe cybersecurity incident was underway by about 11 am Friday according to an emailed notice sent from the Colorado Judicial Departments Information and Technology Services to judges and judicial personnel That notice indicated the cyberattack does not pose a threat to the wider court systemppAs a preventative measure we temporarily disabled our computer network and are working to safely and securely bring systems back online Karbach said Our operations will be limited while the network is offlineppIn court Monday morning public defenders asked to postpone hearings again and againppGiven the malware with the state public defender I cant access my files public defender Amanda Miller said in Adams County District Court as she asked to push a hearing back for a monthppIm not allowed to use my computer public defender Jennifer Chu said in the same courtroom a few minutes later as she asked to postpone a sentencingppI feel like we are going to be doing a lot of this this week Adams County District Court Judge Jeffrey Smith told Chu Lets get you a new dateppThe judge later warned another defendant that the public defenders system outage was expected to last a weekppThe wider court system is fully operational Colorado Judicial Department spokesman Rob McCallum said MondayppOur systems are not impacted by the Public Defenders system breach he said in a statement As always we are monitoring our network for any anomaliesppThe limited information that officials have put out about the cyberattack on the public defenders office suggests the agency was hacked with ransomware said Steve Beaty chair of the computer sciences department at Metropolitan State University of Denver though he cautioned that he is not involved with the incidentppRansomware attacks are common he said In the last few years in Colorado such attacks have targeted Regis University the cities of Lafayette and Wheat Ridge the Colorado Department of Transportation and othersppAttackers use malware to hold an organizations data hostage Beaty said then demand a payment in cryptocurrency in order for organizations to regain access to that data Both public agencies and private businesses have been targeted in a steady stream of ransomware attacks since about 2013 he saidppIts a crime that essentially is relatively easy in the grand scheme of things to get away with Beaty saidppAbout half of victimized organizations pay the ransom Beaty said The city of Lafayette forked over 45000 to ransomware attackers in 2020 and Regis University paid an undisclosed amount of ransom that same year Wheat Ridge and the Colorado Department of Transportation did not pay their attackers but spent 15 million restoring their systems in 2018ppWhether targeted companies pay depends on the scale of the attack the companys insurance and the quality of backedup data Beaty said The ransomware attackers often steal a targets financial data first and know exactly how much a company is likely to pay to retrieve the lost data he addedppEssentially it is less expensive to pay the ransomware than to try to bring back all the data from backups Beaty saidppRansomware was used in 24 of cybersecurity incidents in which data was disclosed to an unauthorized third party between November 2021 and October 2022 according to Verizons 2023 Data Breach Investigations ReportppNearly 500 data breaches involving Coloradans personal information were reported to the Colorado Attorney Generals Office between Jan 1 2022 and Nov 29 2023 a list that includes businesses governments and institutions in this state and elsewhere across the USppThe malware that powers the cyberattacks is typically delivered into a system either when a person clicks a bad link often in an emailed phishing attempt or by exploiting a software bug Beaty saidppVery few organizations are immune to thisThe most important thing is to keep your systems up to date keep them patched make sure the known exploits are being fixed that your firewalls are up to date that your software on devices is up to date he said adding that quality backups are also essential So that when not if when we are attacked we have the ability of going back and starting fresh a day ago an hour ago a week agoppRansomware attacks are increasingly aimed at government agencies said Mark Weatherford who is on the board of directors at the National Cybersecurity Center a Colorado Springs nonprofitppIts definitely something that is concerning to us he said I often say you can choose which grocery store to go to but you cant choose which government you deal with its a higher bar for the government to protect our information than for a public companyppHe added that a current trend within ransomware attacks is that even if an organization pays the ransom and receives access to their data the attackers will keep a copy of that information and then threaten to expose that data publicly unless a second ransom is paidppThat is what my fear would be here with the public defenders office You can just imagine what kind of data the criminals may have downloaded with respect to the people and the cases the public defenders office is working on Weatherford said The privacy and sensitive information of all their clients is what I would be most concerned about right nowppGet more Colorado news by signing up for our daily Your Morning Dozen email newsletterppCopyright 2024 MediaNews Groupp
Trending ppA cyberattack on the Office of the Colorado State Public Defender forced the agency to shut down its computer network locking public defenders across the state out of critical work systems and prompting attorneys to seek delays in their court casesppOffice spokesman James Karbach confirmed the breach in a statement Monday saying officials recently became aware that some data within our computer system was encrypted by malwareppKarbach did not say how long the public defenders office expects to be shut down or when the attack happened but internal emails reviewed by The Denver Post indicate the statewide office is effectively nonoperational and the outage could last as long as a weekppColorado public defenders do not have access to their work computers are unable to access court dockets or court filings and cant do any significant work for clients in court according to emails sent to the offices staffppThe cybersecurity incident was underway by about 11 am Friday according to an emailed notice sent from the Colorado Judicial Departments Information and Technology Services to judges and judicial personnel That notice indicated the cyberattack does not pose a threat to the wider court systemppAs a preventative measure we temporarily disabled our computer network and are working to safely and securely bring systems back online Karbach said Our operations will be limited while the network is offlineppIn court Monday morning public defenders asked to postpone hearings again and againppGiven the malware with the state public defender I cant access my files public defender Amanda Miller said in Adams County District Court as she asked to push a hearing back for a monthppIm not allowed to use my computer public defender Jennifer Chu said in the same courtroom a few minutes later as she asked to postpone a sentencingppI feel like we are going to be doing a lot of this this week Adams County District Court Judge Jeffrey Smith told Chu Lets get you a new dateppThe judge later warned another defendant that the public defenders system outage was expected to last a weekppThe wider court system is fully operational Colorado Judicial Department spokesman Rob McCallum said MondayppOur systems are not impacted by the Public Defenders system breach he said in a statement As always we are monitoring our network for any anomaliesppThe limited information that officials have put out about the cyberattack on the public defenders office suggests the agency was hacked with ransomware said Steve Beaty chair of the computer sciences department at Metropolitan State University of Denver though he cautioned that he is not involved with the incidentppRansomware attacks are common he said In the last few years in Colorado such attacks have targeted Regis University the cities of Lafayette and Wheat Ridge the Colorado Department of Transportation and othersppAttackers use malware to hold an organizations data hostage Beaty said then demand a payment in cryptocurrency in order for organizations to regain access to that data Both public agencies and private businesses have been targeted in a steady stream of ransomware attacks since about 2013 he saidppIts a crime that essentially is relatively easy in the grand scheme of things to get away with Beaty saidppAbout half of victimized organizations pay the ransom Beaty said The city of Lafayette forked over 45000 to ransomware attackers in 2020 and Regis University paid an undisclosed amount of ransom that same year Wheat Ridge and the Colorado Department of Transportation did not pay their attackers but spent 15 million restoring their systems in 2018ppWhether targeted companies pay depends on the scale of the attack the companys insurance and the quality of backedup data Beaty said The ransomware attackers often steal a targets financial data first and know exactly how much a company is likely to pay to retrieve the lost data he addedppEssentially it is less expensive to pay the ransomware than to try to bring back all the data from backups Beaty saidppRansomware was used in 24 of cybersecurity incidents in which data was disclosed to an unauthorized third party between November 2021 and October 2022 according to Verizons 2023 Data Breach Investigations ReportppNearly 500 data breaches involving Coloradans personal information were reported to the Colorado Attorney Generals Office between Jan 1 2022 and Nov 29 2023 a list that includes businesses governments and institutions in this state and elsewhere across the USppThe malware that powers the cyberattacks is typically delivered into a system either when a person clicks a bad link often in an emailed phishing attempt or by exploiting a software bug Beaty saidppVery few organizations are immune to thisThe most important thing is to keep your systems up to date keep them patched make sure the known exploits are being fixed that your firewalls are up to date that your software on devices is up to date he said adding that quality backups are also essential So that when not if when we are attacked we have the ability of going back and starting fresh a day ago an hour ago a week agoppRansomware attacks are increasingly aimed at government agencies said Mark Weatherford who is on the board of directors at the National Cybersecurity Center a Colorado Springs nonprofitppIts definitely something that is concerning to us he said I often say you can choose which grocery store to go to but you cant choose which government you deal with its a higher bar for the government to protect our information than for a public companyppHe added that a current trend within ransomware attacks is that even if an organization pays the ransom and receives access to their data the attackers will keep a copy of that information and then threaten to expose that data publicly unless a second ransom is paidppThat is what my fear would be here with the public defenders office You can just imagine what kind of data the criminals may have downloaded with respect to the people and the cases the public defenders office is working on Weatherford said The privacy and sensitive information of all their clients is what I would be most concerned about right nowppGet more Colorado news by signing up for our daily Your Morning Dozen email newsletterppCopyright 2024 MediaNews Groupp
