Missing laptops raise cyber risks from US Capitol mayhem

Workers cleaning an office at the US Capitol building in Washington, D.C., US, on Jan 7, 2021. That the rioters may have had access to logged in work stations – meaning their owners fled before logging out – means that congressional passwords, encryption standards and routing should be revised in the coming weeks. — Bloomberg

US federal authorities are assessing the cybersecurity risks created by rioters roaming freely through congressional offices during the Jan 6 rampage at the US Capitol, including missing laptops and computers that were left unsecured.

While there is no indication that hacking into computer networks was a goal of the rioters, at least three computers were reported missing and the potential exists that the intruders gained access to sensitive systems when members of Congress and their staff hastily took cover, according to cybersecurity experts. As a result, the House and the Senate should devote resources to mitigating any potential vulnerabilities, they said.

A number of lawmakers have reported missing technology: Senator Jeff Merkley, a Democrat from Oregon, posted a video to Twitter, showing his ransacked office and sharing that intruders “stole the laptop that was sitting on a table next to the telephone”. In a virtual press conference, Representative James Clyburn, Democrat from South Carolina, said that an iPad went missing from his office, while the device’s frame and keyboard were left behind. And a spokesman for House Speaker Nancy Pelosi said on Twitter Friday that “a laptop only used for presentations” was stolen from a conference room.

“The images and videos from yesterday clearly show crowds entering offices, interacting with devices and at least one unlocked computer,” said Camille Francois, the chief innovation officer at the firm Graphika Inc, which studies social media, in an interview on Thursday. “This raises cybersecurity concerns, and potential for compromises. Devices left behind should no longer be considered trusted.”

David Wolpoff, chief technology officer of the security firm Randori Inc, said that once physical boundaries are breached, everything digital in that space becomes “to some degree suspect”.

“One of the immutable laws of cybersecurity is if someone has physical access to your computer then it’s not your computer anymore,” Wolpoff said.

David O’Boyle, spokesperson for the administrative office of the House of Representatives, said in a statement that officials took steps to ensure that the House network and devices remained secure during the upheaval. “We remain vigilant in monitoring the security of the House network, systems, and information,” O’Boyle said.

The Capitol Police didn’t respond to a request for comment. The US Cybersecurity and Infrastructure Security Agency referred questions about the technical implications of the riot to the House and Senate sergeants-at-arms. The House Sergeant resigned Thursday and the Senate sergeant – who Senate Minority Leader Chuck Schumer threatened to fire Thursday – couldn’t be reached for comment.

The rioters had the opportunity to take sensitive materials as they stormed the Capitol, including external hard drives and USB sticks – even if they hadn’t planned to do so, said Jerry Ray, chief operating officer of the security firm SecureAge Technology. That the intruders may have had access to logged in work stations – meaning their owners fled before logging out – means that congressional passwords, encryption standards and routing should be revised in the coming weeks.

“Overkill is essential right now,” he said. – Bloomberg

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3

Next In Tech News

CAICT: Smartphone shipments in China in March increase 67.7%
Intel to supply self-driving systems for delivery trucks
Apple working on combined TV box, speaker to revive home efforts
Twitter plans to hire first product, engineering team in Africa
The pandemic and remote working continue to drive booming PC sales
U.S. senator wants to ban Big Tech from buying anything ever again
Nvidia expects first-quarter sales to exceed $5.3 billion
Intel in talks to produce chips for automakers within six to nine months -CEO
Exclusive: GameStop initiates search for new CEO - sources
Nvidia, Volvo Cars accelerate auto industry's data-processing power race

Stories You'll Enjoy