There was no sign that any of the protesters had technology skills or planned to install malware on congressional devices, said Suzanne Spaulding, an advisor to Nozomi Networks and former undersecretary for the Department of Homeland Security. “From an IT perspective, when I look at the events of what happened [that day] and all of the incredible implications… the IT cybersecurity concerns are not the highest on my list,” Spaulding told the Los Angeles Times.
To be sure, as acting U.S. Attorney for D.C. Michael Sherwin announced, “Electronic items were stolen from senators’ offices,” with potential ramifications for what he described as “national security equities.” Insurrectionists made off with at least two computers, including devices belonging to House Speaker Nancy Pelosi (D-Calif.) and Sen. Jeff Merkley (D-Ore.). And as Slate notes, cybersecurity protocols in Congress are not necessarily as stringent as those for the executive branch.
Still, as TechCrunch reports, classified information in congressional computers is stored in separate “sensitive compartmented information facilities,” or SCIFs, in locked-down sections of the building. There has not yet been a sign that any SCIFs were breached. What’s more, most staffers, like other people nationwide who are able, have been working remotely.
Andrew McLaughlin, who served as the deputy chief technology officer of the United States during the Obama administration, told Slate that while the worst-case scenario would be someone using USB drives to infect congressional computers with malware, that’s highly improbable. After all, USB drives are supposed to be disabled on those computers.
In the end, although the incident's likely jeopardy to U.S. cybersecurity doesn’t seem great, congressional IT staffers will have their work cut out for them cleaning up afterward. Kiersten Todt, managing director of the Cyber Readiness Institute, told CNN she’d hope “that the congressional IT division was on top of things and taking inventory across all offices, checking to see which devices were accounted for, and which were not, and were able to wipe those devices clean immediately.”
A note of warning remains. “Regardless of how much they want to downplay this, the laptop has to have at least access that could be leveraged,” Brandon Hoffman, the chief information security officer at IT security provider Netenrich, told The Guardian. “It’s highly unlikely that this laptop was sitting there with no files, or file access, or any other useful information to somebody looking for leverage or retribution.”