Sunday, March 26, 2023

Missing laptops increase cyber risk from U.S. Capitol chaos

Must read


Federal authorities assess cybersecurity risks created by rioters roaming freely in the offices of Congress during Wednesday’s rampage on the U.S. Capitol, including missing laptops and computers that were not secured.

While there is no indication that hacking into computer networks was a target of the rioters, at least three computers were reported missing and it is possible that the intruders gained access to sensitive systems when members of Congress and their staff walked away. hastily taken to safety, according to cybersecurity. experts. Accordingly, the House and Senate should devote resources to mitigating any potential vulnerabilities, they said.

A number of legislatorsare reported missing technology: Senator Jeff Merkley, a Democrat from Oregon, posted a video on Twitter, showing his ransacked office and claiming that intruders “stole the laptop from a table next to the phone.” In a virtual press conference, Rep. James Clyburn, Democrat of South Carolina, said an iPad was missing from his desk, while the device’s bezel and keyboard were left behind. And a spokesperson for House Speaker Nancy Pelosi said on Twitter On Friday, “a laptop computer used only for presentations” wasFlyfrom a conference room.

“Yesterday’s images and videos clearly show crowds entering offices, interacting with devices and at least one unlocked computer,” said Camille François, director of innovation at Graphika Inc., which studies social media. “This raises cybersecurity issues and the potential for compromise. Devices left behind should no longer be considered reliable. “

David Wolpoff, technical director of the security companyRandori Inc., said that once physical boundaries are crossed, everything digital in this space becomes “to some extent suspect”.

“One of the immutable laws of cybersecurity is that if someone has physical access to your computer, it is no longer your computer,” Wolpoff said.

David O’Boyle, spokesperson for the House administrative office, said in a statement officials had taken steps to ensure the security of the House’s network and devices during the upheaval. “We remain vigilant in monitoring the security of the House’s network, systems and information,” O’Boyle said.

Capitol Police did not respond to a request for comment. The U.S. Agency for Cybersecurity and Infrastructure Security referred questions about the technical implications of the riot to House and Senate sergeants-at-arms. House sergeantresignedThursday and the Senate Sergeant – whom Senate Minority Leader Chuck Schumer threatened to fire on Thursday – could not be reached for comment.

Rioters had the opportunity to take sensitive materials when they stormed the Capitol, including external hard drives and USB drives – even though they hadn’t planned to do so, Jerry said Ray, chief operating officer of the security company.SecureAge Technology. The fact that intruders were able to gain access to connected workstations – meaning their owners leaked before they logged out – means congressional passwords, encryption standards, and routing should be revised in the future. weeks to come.

“Overkill is essential right now,” he says.

More to read absolutely technological coverage of Fortune:


- Advertisement -spot_img

More articles


Please enter your comment!
Please enter your name here

- Advertisement -spot_img

Latest article