Federal authorities assess cybersecurity risks created by rioters roaming freely in the offices of Congress during Wednesday’s rampage on the U.S. Capitol, including missing laptops and computers that were not secured.
While there is no indication that hacking into computer networks was a target of the rioters, at least three computers were reported missing and it is possible that the intruders gained access to sensitive systems when members of Congress and their staff walked away. hastily taken to safety, according to cybersecurity. experts. Accordingly, the House and Senate should devote resources to mitigating any potential vulnerabilities, they said.
A number of legislatorsare reported missing technology: Senator Jeff Merkley, a Democrat from Oregon, posted a video on Twitter, showing his ransacked office and claiming that intruders “stole the laptop from a table next to the phone.” In a virtual press conference, Rep. James Clyburn, Democrat of South Carolina, said an iPad was missing from his desk, while the device’s bezel and keyboard were left behind. And a spokesperson for House Speaker Nancy Pelosi said on Twitter On Friday, “a laptop computer used only for presentations” wasFlyfrom a conference room.
“Yesterday’s images and videos clearly show crowds entering offices, interacting with devices and at least one unlocked computer,” said Camille François, director of innovation at Graphika Inc., which studies social media. “This raises cybersecurity issues and the potential for compromise. Devices left behind should no longer be considered reliable. “
David Wolpoff, technical director of the security companyRandori Inc., said that once physical boundaries are crossed, everything digital in this space becomes “to some extent suspect”.
“One of the immutable laws of cybersecurity is that if someone has physical access to your computer, it is no longer your computer,” Wolpoff said.
David O’Boyle, spokesperson for the House administrative office, said in a statement officials had taken steps to ensure the security of the House’s network and devices during the upheaval. “We remain vigilant in monitoring the security of the House’s network, systems and information,” O’Boyle said.
Capitol Police did not respond to a request for comment. The U.S. Agency for Cybersecurity and Infrastructure Security referred questions about the technical implications of the riot to House and Senate sergeants-at-arms. House sergeantresignedThursday and the Senate Sergeant – whom Senate Minority Leader Chuck Schumer threatened to fire on Thursday – could not be reached for comment.
Rioters had the opportunity to take sensitive materials when they stormed the Capitol, including external hard drives and USB drives – even though they hadn’t planned to do so, Jerry said Ray, chief operating officer of the security company.SecureAge Technology. The fact that intruders were able to gain access to connected workstations – meaning their owners leaked before they logged out – means congressional passwords, encryption standards, and routing should be revised in the future. weeks to come.
“Overkill is essential right now,” he says.
More to read absolutely technological coverage of Fortune:
- Who is Cristiano Amon, The new CEO of Qualcomm?
- Comment: The Facebook antitrust action is a major assault on entrepreneurs
- Vaccinating the world against COVID is getting off to a slow start. These companies think AI and blockchain could help
- Coup attempt on Capitol Hill presents key cyberattack opportunity, warn experts
- 5G will improve this year, promises the executive of Verizon