Home Technology news Capitol Hill IT staff face security mess after riot

Capitol Hill IT staff face security mess after riot



Following From the destructive riots that ransacked the U.S. Capitol on Wednesday, the nation is grappling with questions about the stability and trajectory of American democracy. But inside the Capitol building itself, congressional support staff take care of more immediate logistics, like clean-up and repairs. A crucial part of this: the process of securing offices and digital systems after hundreds of people have gained unprecedented access.

Allowing physical access to a location can have serious cybersecurity consequences. Rioters may have bugged Congressional offices, exfiltrated data from unlocked computers, or installed malware on exposed devices. In the rush to evacuate the Capitol, some computers were left unlocked and remained accessible by the time the rioters arrived. And at least some material was stolen; Senator Jeff Merkley of Oregon said in a video On Wednesday evening, intruders removed one of the laptops from his desk from a conference table.

The House of Representatives and the Senate each have an office of the Sergeant-at-Arms who oversees security. On the Senate side, this body also oversees cybersecurity, while in the House this responsibility lies with the Office of the Director General of Administration. House Speaker Nancy Pelosi on Thursday said Sergeant-at-Arms Paul Irving would resign over the Capitol violation on Wednesday. Senate Majority Leader Chuck Schumer has said he will remove that chamber’s Sergeant-at-Arms Mike Stenger if he does not resign.

“It’s a very, very difficult situation,” former Senate Sergeant-at-Arms Frank Larkin said Thursday. “The place has been rocked a number of times where they had to do instant evacuations or shelter in place, but a scenario like this was not something that was high on the list of possibilities in this regard. which concerns threats. I think 1814 is the last time the Capitol experienced something like this, ”referring to the British invasion of Washington, DC, that year.

Some of the corrective actions will involve steps that Congressional Security is already taking as obvious, such as a thorough review of footage from House and Senate security cameras, hallways and other spaces to see what intruders have. done, including any interactions they may have had. with electronics. But many spaces, including offices, are not under video surveillance. Another routine process involves sweep the bugs, like microphones or hidden cameras. But it will take time to assess every room and hallway at the same time, and the stakes for missing something are high.

“It will probably take several days to explain exactly what happened, what was stolen, what was not,” Acting United States Attorney for the District of Columbia Michael Sherwin said in a briefing Thursday. “Articles, electronic items, were stolen from senators’ offices. Documents, materials, were stolen, and we need to identify what was done, mitigate that, and that could have potential national security actions . If there was any damage, we don’t. Know the extent of that yet. “

Unlike a building like the White House, whose access is very tightly controlled, the Capitol building is often referred to as the “House of the People”. Its security is similar to that of a hospital; many spaces are open and accessible if you have a reason to be there, and only certain areas are closely guarded or access controlled. Larkin, who also spent years with White House security in the Secret Service and is now vice president of corporate development at SAP National Security Services, says the Capitol inherently has more in and out that it cannot be kept simultaneously at normal staffing levels. He points out that the failures to contain and secure the situation occurred while -Trump Mob was outside the building. But Larkin, who retired as Senate Sergeant-at-Arms in 2018, adds that cybersecurity is the next priority after physical security.




Please enter your comment!
Please enter your name here

Exit mobile version