Cybersecurity experts believe that the pro-Trump mob that breached the Senate’s physical security in the United States Capitol on Wednesday posed substantial cybersecurity risks. As congressional staff and legislators were relocated to safe locations, any unprotected computers, documents, mail, or personal hours could have been accessed at the Congressional offices.
The Speaker of the House of Representatives, Nancy Pelosi (D-San Francisco), and Sen. Jeff Merkley (D-Ore.) lost laptops during the Capitol riots. The House Majority Whip and Democratic Representative of South Carolina, James Clyburn (D-District 6), clarified that the lost iPad was only relocated and not stolen as initially reported by the media.
Some protesters also bragged about reviewing documents, including the protester in the photo sitting in Pelosi’s office who reportedly pulled an envelope from the Speaker’s desk.
The Capitol riots posed substantial cybersecurity risks to federal and congressional computers
Cybersecurity experts point out that if the protesters accessed congressional computers, they could have copied confidential information. Jesse Varsalone, Associate Professor of Computer Networking and Cybersecurity at the University of Maryland Global Campus, says that if the computers were encrypted, the protesters did not pose a cybersecurity risk.
However, if the information was already displayed on screen, the protesters posed significant cybersecurity risks, according to Suzanne Spaulding, a former undersecretary of the Department of Homeland Security and current security adviser at Nozomi. Spaulding told the Los Angeles Times that the protesters could have snapped images of documents and opened emails.
The Washington Post reported that a protester had access to an unlocked computer that displayed the email of a staff member at Pelosi’s office. However, the news outlet could not confirm whether the device was a personal computer or a work machine.
Spaulding added that although the protesters who broke into the Capitol building may not have intended to use “their physical access to gain access to the IT system,” the people who took the laptops could eventually exploit them.
David Wolpoff, CTO at Randori Inc., noted that physical access alone to Congressional computers presented potentially serious cybersecurity risks. Wolpoff noted that “if someone has physical access to your computer, then it is no longer your computer.”
CNN reported that while the legislature has general cybersecurity guidelines, some decisions were left to the offices of individual legislators. For example, many employees download emails and store them on devices without multiple layers of encryption. Consequently, the cybersecurity risks associated with physical access and theft of “less important” devices cannot be ruled out.
Sen. Merkley’s laptop presents additional cybersecurity risks because it was part of the federal network and could allow attackers to infiltrate government systems. Similarly, while Pelosi’s device stolen during the Capitol riots was only used for presentations, there is no guarantee that it does not contain non-public information, including classified presentations.
Other cybersecurity risks posed by the Capitol riots include the installation of malware during the commotion. A cybersecurity adviser to the Obama administration, Mick Baccio, tweeted that there was a possibility of spying and planting bugs during the Capitol riot. However, most cybersecurity experts believe that the rioters were unlikely to do so.
Currently, there is no evidence to suggest that tech-savvy cybersecurity threat actors or foreign agents were among the mob that overwhelmed the Capitol Police. However, the Capitol security team must review all footage to understand how protesters interacted with various devices.
Determine the extent of cybersecurity damage
The full scope of the cybersecurity risks posed by the Capitol protesters would also become clear after Congressional IT staff took an inventory of devices and incidents during the Capitol riot. Acting US Attorney for the District of Columbia Michael Sherwin said it would take “several days to understand exactly what happened, what was stolen and what was not.”
Truss’s chief security officer, Kimber Dowsett, tweeted that IT staff must “run the IR asset inventory” after the Capitol riots.
David O’Boyle, spokesman for the House administrative office, said officials took the necessary steps to protect computer systems during the disturbances at the Capitol.
However, Sherwin maintains that “items, electronic items, were stolen from the senators’ offices. Documents, materials were stolen, and we have to identify what was done, mitigate that and it could have potential national security values. If there was damage, we still don’t know its extent.”
“Legislators and their staff often work with confidential information. Even a lost laptop is a big problem,” says John Dermody, an attorney in the Washington, DC office of the international law firm O’Melveny & Myers and a member of the firm’s Data Security and Privacy Group.
Dermody hopes that stolen devices can be remotely wiped to prevent any leakage of confidential information. He also recommended that Capitol Hill employees reset their passwords to prevent misuse of any stolen credentials. Capitol IT security personnel must also “clean up the entire network to make sure nothing illicit is placed on the system, such as a USB stick,” according to Dermody.
“With all the focus on sophisticated cybersecurity tools, we can lose sight of the fact that there is no cybersecurity without physical security,” says Dermody, warning that American adversaries are undoubtedly looking for ways to capitalize on the chaos.
“Foreign intelligence services are opportunistic, and even if the revolt was unexpected, they will look for ways to take advantage.”