Public Defenders: The Justice System’s New Soft Target

Government Technology reports that a string of cyberattacks against public defender offices in Arizona, New Mexico, and Colorado disrupted access to case files and slowed legal services, exposing how fragile this part of the justice system is to ransomware and data-theft operations. These are not high-budget agencies; they run aging or undersecured systems but hold highly sensitive data—indigent-defense case notes, witness information, plea negotiations, even victim and juvenile details—that attackers can extort or leak. Investigators don’t see a single coordinated campaign, but the pattern is obvious: threat actors are pivoting to “low-resourced, high-sensitivity” targets inside government because they’re easier to breach and harder to recover. The bigger concern is systemic: when defenders’ offices go offline, defendants’ rights, court timelines, and public trust are all impacted, turning a cyber event into a justice-delivery problem. State and county agencies will have to tighten basic controls—MFA, logging, network segmentation, secure file-sharing—and elevate public defense IT to the same security tier as prosecutors and courts. 

Source