Cyberattacks on U.S. federal courts are no longer just IT problems. They now pose a national security threat.
That is Senator Ron Wyden’s warning in a blunt letter to Chief Justice John Roberts this week, urging the Supreme Court to address repeated breaches of the judiciary’s document filing and email systems. Wyden called the hacks “unacceptable” and said weak practices have left the courts “an inviting target” for foreign adversaries.
A Shadowy Breach
The immediate trigger for Wyden’s letter was a recent disclosure that Russian hackers affiliated with APT29, a group commonly linked to Russia’s foreign intelligence service, infiltrated the federal judiciary. Details remain classified, which suggests the damage could be serious.
The risk is clear. Court networks hold sealed case files, personal identifiers, internal communications, and investigative strategies. In the wrong hands, this information can be used for blackmail, exposure of witnesses, or manipulation of sensitive cases.
Courts Outside Federal Cyber Rules
Wyden noted that while executive branch agencies such as DOJ and DHS must comply with Office of Management and Budget security mandates, the judiciary is not bound by the same oversight. It runs its own IT operations with limited accountability and transparency.
“The courts’ decisions to exempt themselves from basic cybersecurity requirements are putting the entire system at risk,” Wyden wrote. “This isn’t just about technical safeguards, it’s about national security, the integrity of the legal process, and public trust.”
A History of Warnings
Concerns about judicial cybersecurity are not new. In 2020, the Administrative Office of the U.S. Courts disclosed a significant breach of its electronic filing system, including PACER; the breach was later tied to the SolarWinds espionage campaign.
Despite promises of reform, Wyden says little has changed. He cited recent assessments showing outdated software, weak or missing multi-factor authentication for judges and clerks, and email systems still vulnerable to phishing. He also criticized the Administrative Office for withholding breach details from Congress. “Secrecy does not enhance security,” he wrote.
A System Exposed
Wyden’s letter paints a troubling picture of courts that are poorly equipped to defend against state-sponsored attackers. Without strong logging, endpoint monitoring, or network segmentation, intruders can move laterally for weeks or months without detection.
Because courts handle matters ranging from criminal conspiracies to cases involving classified intelligence, even one compromised inbox could expose law enforcement sources or counterintelligence operations. “The risk of a catastrophic leak is not hypothetical,” Wyden wrote.
He questioned why the judiciary continues to sidestep cybersecurity standards long recommended by CISA and NIST. “This is not a budget issue,” he argued. “It’s a matter of will.”
What Comes Next
Wyden urged Chief Justice Roberts to impose baseline protections across the judiciary, including:
- Mandatory multi-factor authentication for all judges and staff
- Timely patching of software and systems
- Clear and timely incident reporting to Congress
- Adoption of zero trust security frameworks
Whether Roberts or the Judicial Conference will act remains uncertain. Courts have historically guarded their independence from executive oversight, and many judges resist technology mandates from Congress. As attacks on public institutions grow more frequent and damaging, the cost of inaction is rising.
Wyden’s message is direct. Cybersecurity is no longer a back-office concern. It is constitutional in scope. If the courts fail to adapt, the fallout could extend far beyond a single breach.