Invasion of U.S. Capitol offices opens cyber risk, infosec experts warn

The huge invasion of Congressional offices by Trump supporters Wednesday has created tremendous cybersecurity risks which likely means IT systems will have to be thrown out, experts say.

Twitter was quickly full of comments by IT professionals Wednesday as images of rioters filled TV screens, including one sitting behind the desk of House Speaker Nancy Pelosi (below). “Every computer, every piece of data in the Capitol should now be considered compromised. In terms of national security,” tweeted one tech worker. “We are weaker as a nation than we were two hours ago.”

Image
Source: Twitter . (Saul Loeb/AFP via Getty Images)

Another wrote, “My heart goes out to the unsung IT heroes at the Capitol tonight. My guess is they’ve never had to run asset inventory IR (incident response) before – a daunting, stressful task in a tabletop exercise – and they’re running one (prob w/o a playbook) following a full-on assault of the Capitol.”

The federal government “should assume the worst and should be conducting a full investigation,” says Jon Oltsik, senior principal analyst who focuses on cybersecurity. “{This would involve reviewing all security footage to see where the rioters went and reviewing the status of all systems at the Capitol during the time of the insurrection. I imagine IT can review log files, EDR tools, and logs to see if any systems were active during that timeframe.
“While it’s unlikely that the rioters installed malware on these systems, the security team should fully investigate this. All systems containing sensitive/classified data should be immediately identified and inspected. IT should report on stolen systems immediately, triggering forensic investigations and alerting intelligence agencies to monitor for any “chatter” regarding the content of these systems.”

Protestors or people using the demonstrators as cover should be assumed to have compromised computers and even physical documents, say experts interviewed by BankingSecurity.com.

“Any malicious actor can walk in there with the others with a thumb drive and access a computer. Every system in there will have to be checked,” warned Frank Downs, a former U.S. National Security Agency offensive threat analyst and now director of proactive services at the security firm BlueVoyant.

Embedded video
Also on Twitter, was this image of a ransacked Congressional office. Source: Twitter

Mike Hamilton, a former Department of Homeland Security analyst and now CISO with security firm CI Security was also quoted as saying the protests provided an open door for threat actors.

“This is a really great time for another country to exercise access they may have that may be dormant and waiting for an opportunity like this – for example, Senate and House communication systems,” he said. “It’s not like people aren’t monitoring, but their gaze is definitely averted right now.”

(This story has been updated from the original with comments from Jon Oltsik)

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now