The administrator for the Philadelphia courts system on Saturday backed away from an earlier comment in which he had said that the virus that has infected the courts’ computers may have come from Russia.
Joseph H. Evers, court administrator for the First Judicial District, said that “initial indications led to a suspicion that Russians may have been involved” but that experts no longer are endorsing that view. He had said Friday that the attack appeared to come from Russia.
In a separate interview, Mark Wheeler, chief information officer for the Kenney administration, said Saturday that the hunt for the culprit remained wide open. He said an examination of the virus to look for a digital “signature” of its creator remained incomplete.
Wheeler did say that the FBI had tied the virus to a particular IP address in a particular place, which he called a “command and control center” for the malware. He declined to say where the computer was located but added, “It’s not Russian.”
He added that officials hoped to reveal more later. But, he said, “We don’t have any forensic examination yet. So we can’t speculate as to who and why.”
The attack forced the courts to shut its employees’ email system and its court information and electronic-fling portals on May 21. Officials restored regular email about two weeks ago and are hopeful they can bring back the portals for public information and electronic-filing this week.
No ransom demand was made, suggesting the attack was done out of malice alone.
Evers sent a letter Friday to top judges that identified SoluStaff, a firm headquartered in Montgomery County, as the security company hired to combat the attack. Evers said it had been paid $17,304 so far.
In his message to judges, Evers said SoluStaff has been awarded an additional $60,000 contract for more work to help the First Judicial District modernize its systems and improve security. SoluStaff is headquartered in Erdenheim and has offices in Center City, New York City, and Leesburg, Va.
In the message, Evers assured the court system’s governing board that there had been “absolutely no indication of a breach of court data.”