Post-Riot, the Capitol Hill IT Staff Faces a Security Mess

WIRED

Photograph: Samuel Corum/Getty Images

In the aftermath of destructive riots that trashed the United States Capitol on Wednesday, the nation is grappling with questions about the stability and trajectory of US democracy. But inside the Capitol building itself, congressional support staff is dealing with more immediate logistics like cleanup and repairs. A crucial part of that: the process of securing the offices and digital systems after hundreds of people had unprecedented access to them.

Physical access to a location can have serious cybersecurity ramifications. Rioters could have bugged congressional offices, exfiltrated data from unlocked computers, or installed malware on exposed devices. In the rush to evacuate the Capitol, some computers were left unlocked and remained accessible by the time rioters arrived. And at least some equipment was stolen; Oregon senator Jeff Merkley said in a video late Wednesday that intruders took one of his office’s laptops off a conference table.

The House of Representatives and Senate each have a Sergeant-at-Arms office that oversees security. On the Senate side this body also supervises cybersecurity, whereas in the House that responsibility lies with the Office of the Chief Administrative Officer. On Thursday, speaker of the house Nancy Pelosi said that sergeant-at-arms Paul Irving would resign over Wednesday’s breach of the Capitol. Senate majority leader Chuck Schumer said he would remove that chamber’s Sergeant-at-Arms, Mike Stenger, if he does not resign.

Full article