At dawn on the 30th, the Federal Regional Court of the 3rd Region, responsible for cases in the states of São Paulo and Mato Grosso do Sul, was the target of a ransomware attack, which encrypted and made the equipment of the TRF-3 itself and the virtualization environment, according to a request submitted to the National Council of Justice. Details of the attack were not shared with the public.
According to the lawsuit, the invasion was the reason given by the Court to justify the postponement of sending the precatories beyond the deadline of April 2 — accepted by the president of the CNJ, Luiz Fux. Details about the attack were described in documents sent to the Council and which are still under review.
“It is possible to say that the Court suffered a Ransomware-type attack, which encrypted and made access to some equipment in the park and also part of its virtualization environment unavailable. Thus, at the moment all systems are completely disabled, for assessment of the extent of the attack”, says the Department of Information Technology of the Council. “Unfortunately, it is not yet possible to establish a deadline for the restoration of the environment and its services”, he concludes.
“As part of the strategy to protect data from electronic judicial systems and the personal data of those under jurisdiction, it was determined to shut down all computer systems so that virus contamination from one system to another does not occur”, reported the TRF 3 on the effects caused by the attack that occurred in the early hours of Wednesday (30).
According to most recent statement from TRF-3, public assistance and procedural deadlines were updated for the period from April 4th to 12th. Initially, the suspension would take place between March 30 and 31. “Until systems are re-established,” employees are allowed to work remotely.
The Court also informed via a statement on the website that the attackers did not have access to the contents of the processes stored on the servers. The Federal Police was at the scene to analyze the extent of the attack and should open an investigation to investigate the action. “In relation to the criminal action, it should be noted that the steps taken by the Information Technology Secretariat made it possible to identify the type of attack suffered and to define the strategy to be followed in the investigation of the facts and in the progressive restoration of the Court’s technological infrastructure. The Federal Police are investigating the case,” the court said in statement published on the agency’s website.
The cyber attack on the judiciary is not unheard of. Still this year, the Regional Labor Court of Espírito Santo (TRT-ES) was also the target of a similar attack on February 20. In November 2020, another case of invasion was registered in the computer system of the Superior Court of Justice.
With information from Digital Convergence and G1