The Superior Court of Los Angeles County returned to normal operations on July 29, following “severely impacted” networks that led to a temporary closure.
The Court, which serves approximately 10 million residents in LA county, announced it would close, effective July 22, while officials worked to repair and bolster impaired systems. Several court processes, including civil and criminal proceedings and hearings, were extended by a day.
The LA Superior Court reported “significant system-wide connectivity issues” at 8:56 a.m. in a post to X on July 19.
At around 6:40 p.m. the same day, they announced that the court system experienced a “serious security event,” identified as a ransomware attack.
The attack — “a form of malware designed to encrypt files on a device, rendering any files and
the systems that rely on them unusable” as defined by the U.S. Cybersecurity and Infrastructure Security Agency — immobilized the court system.
A ransom was then demanded for decryption of the files. The Court has yet to disclose details of the ransom and the origins of the attack.
“The Court experienced an unprecedented cyber-attack on Friday which has resulted in the need to shut down nearly all network systems in order to contain the damage, protect the integrity and confidentiality of information and ensure future network stability and security,” Presiding Judge Samantha P. Jessner stated in a July 21 press release.
All devices connected to the internet, including the Court’s telephones and electronic platforms that held court data, were inoperable following the attack according to the same press release. Services such as the Call Centers, Attorney Portals, Jury Services/Summons, select Remote Appearance platforms and the Court’s electronic filing system were also inaccessible.
“While the Court continues to move swiftly towards a restoration and recovery phase, many critical systems remain offline as of Sunday evening,” Jessner said. “One additional day will enable the Court’s team of experts to focus exclusively on bringing our systems back online so that the Court can resume operations as expeditiously, smoothly and safely as possible.”
The LA Superior Court reopened on July 24, returning to standard business hours with select services back online, according to a press release.
To provide real-time status updates of court systems, the Court established a Temporary Information Center for those accessing the courthouses and clerks’ offices, portals for jury members, attorneys, ticket payments and more.
The Court suggested that litigants and court users who did not have urgent matters can return the following week as internal and external security staff continued to repair networks. Remote appearances in court, through the LACourtConnect and WebEx platforms, were gradually made available for all types of litigation during the week. Call centers have also returned to normal business hours.
As of July 29, the court returned to normal operations, according to a press release stating they have “restored all public-facing and internal network systems.”
Other U.S. systems were affected by ransomware attacks in the past. Computer systems in Atlanta suffered an attack in 2018, in which the Atlanta Municipal Court lost access to its electronic scheduling and warrant systems. The ransomware attackers had “demanded a Bitcoin payment in return for the encryption key to regain access to the system files and other data.”
In a week, it was safe again for employees to have access to their computers. However, not all systems and data were fully recovered.
The LA Superior Court continues to investigate the ransomware attack in collaboration with local and federal law enforcement, as well as the Governor’s Office of Emergency Management.
Inga Chilingaryan is a News Intern for the summer 2024 quarter. She can be reached at chilingi@uci.edu.
Edited by Victoria Le