Law and water: Russia blamed for US court system break-in and Norwegian dam drama – Source: go.theregister.com

Russian attackers reportedly spent months rummaging through the US federal court’s creaky case-management system, while Norway reckons the same Kremlin-friendly miscreants took control of a dam’s controls – a transatlantic double-act in legal files and floodgates.

The attack on Washington’s systems, confirmed by the Administrative Office of the United States Courts on August 5, saw attackers break into the US court system’s digital filing cabinet where they began rifling through the paperwork.

The CM/ECF platform (and its public-facing cousin PACER) is a patchwork of more than 200 locally run instances, many of them built when Windows XP was still considered cutting-edge, and is used by lawyers to file motions, submit evidence, and upload sensitive case material.

The intruders reportedly accessed the system via bugs that had been gathering dust since 2020 to make off with sealed documents, witness identities, and even a copy of the court system’s own blueprint, according to reports.

On Monday, the New York Times reported that Russia “is at least in part responsible” for the cyberattack, which is said to have been a “years-long effort.”

“Some of the searches included midlevel criminal cases in the New York City area and several other jurisdictions, with some cases involving people with Russian and Eastern European surnames,” the paper stated.

US President Donald Trump, when pressed on whether he’d raise the issue with Vladimir Putin during their planned meeting in Alaska, offered the verbal shrug: “I guess I could. Are you surprised?”

Whether the years-long spree was bankrolled by a nation state or just enterprising crooks with time to kill remains unanswered. The US Department of Justice didn’t immediately respond to The Register‘s questions.

Open the floodgates

Norway’s recent encounter with suspected Russian cyber operators was less about stealth and more about spectacle.

In April, Norway said criminals gained access to a digital system to seize control of a dam in Bremanger by holding its valves open for four hours and sending around 500 liters of water per second gushing downstream. That’s not enough to wash away a village, but it was enough to show they could, in theory, turn a scenic fjord into an inland sea.

• Ex-White House cyber, counter-terrorism guru: Microsoft considers security an annoyance, not a necessity
• Kremlin goons caught abusing ISPs to spy on Moscow-based diplomats, Microsoft says
• Aeroflot aeroflops over ‘IT issues’ after attackers claim year-long compromise
• UK uncovers novel Microsoft snooping malware, blames and sanctions GRU cyberspies
• NCSC says cyber-readiness of UK’s critical infrastructure isn’t up to scratch

Norway’s domestic intelligence agency, PST, is pointing the finger at Moscow for the dam attack, saying the stunt was pure muscle-flexing designed “to cause fear and chaos among the general population,” according to local news reports.

Beate Gangås, head of the agency, said: “Over the past year, we have seen a change in activity from pro-Russian cyber actors.” She added that the incident at Bremanger was one such activity.

Authorities still haven’t singled out which Russian outfit toyed with the Bremanger dam.

From sealed indictments to spillways, the Kremlin’s keyboard warriors appear intent on proving there’s no corner of Western infrastructure too obscure to poke. Whether it’s a court clerk’s login or a dam’s control panel, both seem to leak just fine under pressure. ®