Wash. Courts seek IT security review, audit following breach

May 14, 2013

Washington’s court system will hire an outside expert to perform a computer security review and audit in the wake of a hacking incident that targeted system’s public website.

The hacking, the details of which were released last week, exposed nearly a hundred social security numbers and perhaps up to a million driver’s license numbers. But now there’s another cyber security concern at Washington Courts, this time with the state’s Judicial Information System.

JIS is described as a decades-old statewide clearinghouse for criminal histories, domestic violence protection orders, and outstanding warrants. The old system needs modifications to keep it running, but changes could make it vulnerable to a cyber attack, according to the formal request for bids from firms to review and audit the court’s IT security.

“The threat landscape changes on a daily basis. It used to be that you could assume that the bad guys weren’t getting into your network. And today you need to take more sophisticated approaches,” said Washington’ Chief Information Officer Michael Cockrill.

Because of the constitutional separation of powers, Cockrill doesn’t actually oversee data security for the courts or agencies headed by independently-elected officials. But he does plan to create a cyber security center that would advise any state agency on keeping data safe.