CLEVELAND — Cleveland’s municipal courts closed Monday and will remain closed Tuesday, as officials investigate what they're calling a “cyber incident” that happened Sunday. 

According to a statement from deputy court administrator Mike Negray, the nature and scope of the incident is unknown, but all affected systems have been shut down as a precautionary measure.

What You Need To Know

  • Cleveland’s municipal courts closed Monday and will remain closed Tuesday, as officials investigate what they're calling a “cyber incident”

  • Deputy court administrator Mike Negray said the nature and scope of the incident is unknown, but all affected systems have been shut down as a precaution

  • Steve Stransky, a cybersecurity expert at Thompson Hine LLP, said it’s not uncommon for local governments to the target of cyberattacks

  • In many of those instances, Stransky said, hackers are seeking ransom from local governments in order to keep sensitive information from being released on the dark web

“As a precautionary measure, the Court has shut down the affected systems while we focus on securing and restoring services safely. These systems will remain offline until we have a better understanding of the situation,” Negray’s statement said.

Steve Stransky, a cybersecurity expert at Thompson Hine LLP, said it’s not uncommon for local governments to the target of cyberattacks.

“We usually see foreign nation state actors or threat groups are targeting state and local governments, because they’re a treasure trove of information,” Stransky said.

In many of those instances, Stransky said, hackers from somewhere like China, Russia or Iran are seeking ransom from local governments in order to keep sensitive information from being released on the dark web. But, he said, it’s too soon to say what’s happening in Cleveland’s courts at this time.

“By taking their systems offline, they could potentially prevent the spread of malicious activity within their IT systems,” Stransky said. “But that doesn’t necessarily mean that this is going to be a full-blown ransomware event, that they could just be proactive and really shutting down and limiting their exposure of their IT networks as they’re doing their internal investigation.”

This is not the first time Ohio agencies have been the target of a cyber threat in the last year. 

In June, Cleveland City Hall was affected by an attack that shut down its systems for days. Then, in July, the city of Columbus faced a cyberattack that resulted in the compromise of some citizens’ private health information. Unfortunately, Stransky said, this is something that businesses and organizations will continue having to deal with in the digital age.

“On the proactive side, there’s measures that organizations are taking every single day in order to implement comprehensive cybersecurity tools,” he said. “You’re talking about technical, physical, administrative, security controls in order to protect third parties from entering into your environment.”

While there is still a lot unknown about what’s happening in Cleveland’s municipal court system for now, Stranksy expects more will be revealed in the coming days and weeks.

“Generally, the city, like any organization, is going to provide information regarding who the threat actor was, whether it was a malicious third party or whether it was any type of IT incident internally, such as an update gone wrong,” he said.

This is a developing story, and we will continue to bring you the latest updates as they become available.