‘I don’t think I’d sleep well until the networks were rebuilt from scratch’
UPDATED A former US Congress system administrator has suggested that the Capitol Building’s IT networks may need to be “rebuilt from scratch” after Republican rioters breached the facility last night.
Trump loyalists stormed the iconic government building in Washington DC yesterday as Congress met to formally certify Joe Biden’s election win.
The incident, during which the mob demanded President Trump remain in office for a second term, left four people dead, while at least 52 individuals were arrested.
Scenes saw rioters storming Speaker Nancy Pelosi’s office, with documents potentially containing highly sensitive information strewn across desks and the floor.
Pelosi and her staff had evacuated at the last minute to escape the oncoming crowds, leaving computers unlocked and possibly exposing sensitive data.
READ MORE Spoiling the ballot: Cyber issues cast cloud over US presidential election
One Twitter image showed what is reportedly Pelosi’s scheduling manager’s desktop displaying his emails.
In another picture, a Trump supporter sits at Speaker Pelosi’s desk with his feet up. Within his reach is a desktop computer and what appear to be official government documents.
It is feared that the rioters could have taken computer equipment from the building, leading to a serious breach of national security.
Worries surrounding the security of the building’s IT networks have also been raised by those in the cybersecurity industry, following the mob’s unauthorized intrusion.
Rip it up and start again
As the unprecedented events unfolded yesterday, former US Congress sysadmin Ian Campbell wrote on Twitter that the Capitol’s current IT staff now face a “herculean” task to get the facility safely back online.
He wrote: “Knowing House IT stuff, I don't think I’d sleep well until the networks were rebuilt from scratch and every computer wiped and the internals visually inspected before being put back in service.
“Every printer, every copier. Every nook and cranny,” he added.
“This is a herculean effort, but it’s also not unprecedented – there’s a herculean IT effort in the House every two years during office turnover.”
With no shortage of irony, Campbell said: “A bunch of Republicans carrying insecure devices storming a House SCIF [Sensitive Compartmented Information Facility] doesn’t seem so harmless now, does it?”
Read more of the latest cybersecurity news from the US
Theresa Payton, former White House Chief Information Officer (CIO) and CEO of Fortalice Solutions, told The Daily Swig that all devices within the Capitol Building should be forensically scrutinized and any stolen machines ‘bricked’.
“As a former White House (WH) CIO and now an advisor to executives regarding operational security, the protests in our nation’s capital that became violent and deadly are a grave and serious matter. I am hopeful the country and our nation’s leaders will focus on peace and safety and civility.
“The storming of the offices and potential targeting of digital devices is deeply concerning and something I advise executives both in private sector and government settings to have a playbook for.
“The WH CIO has no jurisdiction over the hill but can offer support and ideas as colleagues.”
Payton added: “I highly recommend that devices be forensically examined, data logs be checked, and after the forensics are completed, out of an abundance of caution I would do a factory reset before using [them].
“If devices are stolen, I would either geolocate the device or render it useless using an enterprise device management solution to do what we call in the industry ‘brick the device.’”
There have been no confirmed reports of government laptops or other hardware being stolen, although local media did report that the man pictured in Pelosi’s office left with an envelope from her desk – a claim which he denies.
Social media suspension
Last night also saw President Trump’s Facebook and Twitter accounts suspended after he posted videos that were deemed to violate the social media platforms’ guidelines.
One of the videos saw Trump continuing to spread his false narrative that the election was stolen from him. He also sent his “love” to his supporters outside of the Capitol Building.
A statement from Twitter read: “As a result of the unprecedented and ongoing violent situation in Washington, DC, we have required the removal of three @realDonaldTrump tweets that were posted earlier today for repeated and severe violations of our Civic Integrity policy.”
Twitter also threatened to permanently ban Trump from the platform if he continued to violate its policies.
Similarly, Facebook tweeted: “We’ve assessed two policy violations against President Trump’s page which will result in a 24-hour feature block, meaning he will lose the ability to post on the platform during that time.”
He later told the rioters to go home but did not condemn their actions.
Fake news
Trump has been repeatedly accused of spreading misinformation during his time in office.
Since coming to office in 2016, the former reality television personality has been vocal about his war against so-called “fake news”, claiming that the media was the “enemy” of the American people.
This is despite Trump himself making numerous false claims over the years, including the suggestion that injecting oneself with disinfectant could kill Covid-19, and that thousands of votes in his favor were purposely not counted during the 2020 Presidential Election.
This article has been updated to include comment from Theresa Payton, former White House CIO
YOU MAY ALSO LIKE US government offers $10 million reward for information on cyber interference in elections