Kansas Supreme Court Justices now say they hope to restore most functions of the state’s court computer system, shut down for nearly two months by an “evil, criminal” cyberattack, by the end of this month.
The system serves 104 of the state’s 105 counties. Johnson, the largest by population, has its own computer system, but is set to join the state network next year. The computer network handles nearly everything for the state courts, from scheduling to filings to case records and public access.
This is good news for the courts and the public, and it goes without saying that we all should breath a sigh of relief that the damage wasn’t worse, or harder to fix. Cyberattacks are made to be difficult to reverse.
Criminals usually imbed their software and booby trap all corners of a system before they spring their surprise. Backups typically are mined to reinfect the computers if installed, and would have to be carefully cleansed before they could be used. That alone could have occupied two months.
Hackers usually demand payment, but there’s no indication the state paid anyone. The justices said they were proud to have upheld “the rule of law.”
Not playing the criminals’ game can make recovery more difficult and last longer. It is, we think, by far the better course than the one often taken by some private businesses bent on curbing costs and damage. So, if that is the case, we applaud the justices.
We think, however, that the courts have been a little disingenuous in avoiding reference to the criminal nature of this attack for as long as they did. The attack was pretty obviously intentional from the start; entire computer systems seldom just go “poof’ and stop working on their own.
Nonetheless, the attack, which has been a major and costly inconvenience to all involved, from lawyers and litigants to courts and court workers, will have been cleared up in fairly rapid fashion if indeed it is done this month. Other than a bit more openness on the part of the courts, we think it has been well-handled so far.
We are certain as well that the justices will expect their experts to make certain that something like this never happens again. No one can guarantee that, but some thought should be given to compartmentalizing and safeguarding multiple backups several times each day.
And of course, we hope the FBI, KBI and whoever else is investigating will track down the foreign hackers and make things difficult for them.
Information gathered from the case might well point out changes needed to protect other government and business software.
And that could make the cost of this crime — which might run in the millions — a lot more bearable.