Hackers Infiltrate Judiciary’s Digital System, Locking Out Staff and Disrupting Cases

Cyber attack on Case Tracking System coincides with controversial IEBC ruling, raising questions about judicial independence

Kenya’s judiciary faces a crisis of confidence following a sophisticated cyber attack that has crippled its digital infrastructure for nearly a week, leaving criminal suspects stranded in custody and raising serious questions about the timing and motives behind the breach.

The Judiciary’s Case Tracking System (CTS) was compromised shortly before midnight on July 9, just hours after a three-judge bench cleared the path for the gazettement and swearing-in of Independent Electoral and Boundaries Commission (IEBC) officials.

The timing has sparked speculation about whether the attack was politically motivated to prevent legal challenges to the court’s decision.

Chief Registrar Winfrida Mokaya downplayed the severity of the breach in a Monday statement, describing it as “intermittent access issues due to external interference” rather than acknowledging a full system takeover.

Her careful language contrasts sharply with accounts from judiciary staff who describe a complete shutdown of critical systems.

“We were expecting them [hackers] to release it back after the commissioners were sworn in, but it wasn’t back on Friday,” said one judiciary employee, speaking anonymously.

“Today we came to work very confident that we would find it restored because it was being worked on over the weekend, but it is not yet back.”

The attack has created a humanitarian crisis within Kenya’s criminal justice system.

Suspects who have paid cash bail remain locked up because release orders cannot be processed.

Traffic offenders and petty criminals face indefinite detention, unable to pay fines through the compromised system.

One matatu driver, released on bail by Makongeni police station, revealed the desperate choices facing accused persons: “I know a warrant has been issued against me because I declined to walk into the courtroom on Friday to take a plea. I knew I would remain in prison for a long time after pleading guilty because the system won’t allow me to pay the fines the same day.”

Mokaya claims alternative channels remain operational, citing 282 urgent applications received through official court email addresses and 2,256 criminal cases filed during the outage.

However, these workarounds cannot process payments or generate release orders, effectively creating a two-tier justice system where only non-criminal matters can proceed normally.

The attack exposes critical vulnerabilities in Kenya’s digital judiciary infrastructure.

Despite claims of swift technical response, the system showed only partial restoration on Sunday, working for just one hour on Monday before failing again.

This suggests either sophisticated persistent malware or attackers retaining system access.

Sources within the judiciary suspect “pro-government operatives” orchestrated the timing to prevent stay applications against the IEBC ruling.

The attack’s precision – targeting the CTS while leaving other systems partially functional – indicates detailed knowledge of judicial operations rather than opportunistic hacking.

The breach raises broader questions about cybersecurity across Kenya’s critical infrastructure.

As government services increasingly digitize, the judiciary attack demonstrates how cyber warfare can paralyze essential public services and undermine constitutional rights.

With the system still compromised nearly a week later, Kenya’s judiciary faces mounting pressure to restore services while investigating whether this represents a new frontier in political interference with judicial independence.

The attack’s timing and sophisticated nature suggest this may be more than a simple technical failure – it could represent a dangerous escalation in efforts to manipulate Kenya’s justice system.

As suspects remain in custody without recourse and court operations limp along with makeshift solutions, the full cost of this cyber attack extends far beyond technical disruption to strike at the heart of Kenya’s rule of law.