Federal authorities are assessing the cybersecurity risks created by rioters roaming freely through congressional offices during Wednesday’s rampage at the U.S. Capitol, including missing laptops and computers that were left unsecured.
While there is no indication that hacking into computer networks was a goal of the rioters, at least three computers were reported missing and the potential exists that the intruders gained access to sensitive systems when members of Congress and their staff hastily took cover, according to cybersecurity experts. As a result, the House and the Senate should devote resources to mitigating any potential vulnerabilities, they said.
A number of lawmakers have reported missing technology: Senator Jeff Merkley, a Democrat from Oregon, posted a video to Twitter, showing his ransacked office and sharing that intruders “stole the laptop that was sitting on a table next to the telephone.” In a virtual press conference, Representative James Clyburn, Democrat from South Carolina, said that an iPad went missing from his office, while the device’s frame and keyboard were left behind. And a spokesman for House Speaker Nancy Pelosi said on Twitter Friday that “a laptop only used for presentations” was stolen from a conference room.
“The images and videos from yesterday clearly show crowds entering offices, interacting with devices and at least one unlocked computer,” said Camille Francois, the chief innovation officer at the firm Graphika Inc., which studies social media, in an interview on Thursday. “This raises cybersecurity concerns, and potential for compromises. Devices left behind should no longer be considered trusted.”
David Wolpoff, chief technology officer of the security firm Randori Inc., said that once physical boundaries are breached, everything digital in that space becomes “to some degree suspect.”
“One of the immutable laws of cybersecurity is if someone has physical access to your computer then it’s not your computer anymore,” Wolpoff said.
David O’Boyle, spokesperson for the administrative office of the House of Representatives, said in a statement that officials took steps to ensure that the House network and devices remained secure during the upheaval. “We remain vigilant in monitoring the security of the House network, systems, and information,” O’Boyle said.
The Capitol Police didn’t respond to a request for comment. The U.S. Cybersecurity and Infrastructure Security Agency referred questions about the technical implications of the riot to the House and Senate sergeants-at-arms. The House sergeant resigned Thursday and the Senate sergeant — whom Senate Minority Leader Chuck Schumer threatened to fire Thursday — couldn’t be reached for comment.
The rioters had the opportunity to take sensitive materials as they stormed the Capitol, including external hard drives and USB sticks — even if they hadn’t planned to do so, said Jerry Ray, chief operating officer of the security firm SecureAge Technology. That the intruders may have had access to logged-in workstations — meaning their owners fled before logging out — means that congressional passwords, encryption standards and routing should be revised in the coming weeks.
“Overkill is essential right now,” he said.