Attack on US Capitol offices reveals cyber risk, warning experts

Attack on US Capitol offices reveals cyber risk, warning experts

The massive invasion of congressional offices by Trump supporters on Wednesday poses a tremendous cyber security risk, which means IT systems have to be thrown out.

Twitter was filled with comments by IT professionals on Wednesday, as photos of rioters filled the TV screen, with one sitting behind the desk of House Speaker Nancy Pelosi (below). “Every computer, every piece of data in the capital, should now be considered compromised. In terms of national security, ”a technical staffer tweeted. "We are weaker as a nation than two hours ago."

Another wrote, "My heart went to the unsung IT hero of the Capitol tonight. My guess is that they have never had to run inventory inventory IR (incident response) before - a difficult, stressful task in a tabletop exercise - and they are running one (pro w / oa playbook) after a full-on attack . Capital. "

The federal government "must assume the seniority and conduct a full investigation," says John Oltsik, senior principal analyst who focuses on cybercity. "- This will include a review of all the security footage to see where the rioters went and review the status of all the systems in the Capitol at the time of the rebellion. I think to see if any of the systems were there during that timeframe Was active, can review log files, EDR tools, and logs.

"While it is unlikely that the rioters have installed malware on these systems, the security team must thoroughly investigate it. All systems with sensitive / classified data must be immediately identified and inspected. IT on stolen systems Must report immediately, trigger forensic investigations and alert intelligence agencies to monitor for any "nonsense" about the contents of these agencies. "

Demonstrators or those using as cover are supposed to have compromised computers and even physical documents, say experts who have been interviewed by BankingSecurity.com.

“Any malicious actor can walk there along with others with thumb drives and use a computer. Every US system has to be checked, ”warns Frank Downs, a former US National Security Agency offensive officer and now director of active services at security firm Bluevoint.

Mike Hamilton, former Department of Homeland Security analyst and now CISO with security firm CI Security, was quoted as saying that the protests provided an open door for the threaters.

"This is a very good time for another country to exercise access that may be idle and wait for such an opportunity - for example, the Senate and House communications systems," he said. "It's not that people aren't monitoring, but their gaze is definitely average right now."