•   
  •   
  •   

Politics The Cybersecurity 202: Riot in the Capitol is a nightmare scenario for cybersecurity professionals

09:00  08 january  2021
09:00  08 january  2021 Source:   washingtonpost.com

QAnon supporter from Arizona dressed in fur and horns joins storming of US Capitol

  QAnon supporter from Arizona dressed in fur and horns joins storming of US Capitol The man was seen in photographs from Washington, D.C., amid supporters of President Donald Trump who turned violent and stormed the U.S. Capitol.Angeli was seen in photographs from Washington, D.C., amid rioters who turned violent and stormed the building, causing both chambers to suspend their intended action of the day: certifying the results of the presidential election for former vice president Joe Biden.

This is the stuff of cybersecurity pros ' nightmares . "There's an old saying, if an attacker has physical access to your computer, it’s not your computer anymore,” Katie Republicans repeatedly made false claims about the election and encouraged unrest ahead of violent scenes in the U.S. Capitol on Dec.

A message reading " Capitol : Internal Security Threat: Police Activity” can be seen in the Neither United States Capitol Police, nor the Department for Homeland Security , responded to requests for Capitol riots are ‘worst case scenario ’ says cybersecurity expert. Richard Barnett, a supporter of

Lawmakers and congressional staff were ushered into secure locations as a mob backing President Trump violently stormed the U.S. Capitol in hopes of overturning the election he lost.

The assault – which only temporarily delayed the certification of president-elect Joe Biden's win – left many unanswered questions about security at the Capitol, including its cybersecurity.

The quick evacuation left computers and other device unattended as the mob ransacked offices.

a man sitting at a table: Supporters of US President Donald Trump sits inside the office of Speaker of the House Nancy Pelosi as he protest inside the US Capitol in Washington, DC, January 6, 2021. (Photo by SAUL LOEB/AFP via Getty Images) © Saul Loeb/AFP/Getty Images Supporters of US President Donald Trump sits inside the office of Speaker of the House Nancy Pelosi as he protest inside the US Capitol in Washington, DC, January 6, 2021. (Photo by SAUL LOEB/AFP via Getty Images)

This is the stuff of cybersecurity pros' nightmares.

"There's an old saying, if an attacker has physical access to your computer, it’s not your computer anymore,” Katie Moussouris, CEO and founder of Luta Security, told me.

Fact check: Social media falsely claims Vice President Mike Pence was arrested

  Fact check: Social media falsely claims Vice President Mike Pence was arrested After rioters breached the U.S. Capitol Wednesday, social media posts claimed Vice President Mike Pence had been arrested. That is false.Vice President Mike Pence was also at the Capitol to preside over the proceedings. Shortly after rioters breached the Capitol, Phil Godlewski took to Facebook to claim that Pence had been arrested.

Capitol riots raise urgent concerns about Congress's information security , cyber experts warn. The incident highlights the grave cybersecurity risks that now face all lawmakers, congressional staffers, and any outside parties they may have communicated with in the course of business, security

John Costello, a senior official for intelligence and security operations at the Department of Commerce, on Thursday announced his resignation in the wake of the riots at “Today, I resigned my position as Deputy Assistant Secretary for Intelligence and Security at the Department of Commerce,” Costello

A now-removed tweet from a right-wing journalist showed rioters had access to at least one unlocked computer in House Speaker Nancy Pelosi's office, open to email appearing to belong to a staffer. It's unclear if the computer was a work or personal device, and my colleague Mike DeBonis confirmed no computers were taken from Pelosi's office.

However, Sen. Jeff Merkley (D-Ore.) said a computer was stolen from his office:

Mick Baccio, security adviser at Splunk and a former Obama administration cyber official, pointed out the possibility of spying:

Physical access to sensitive devices could have allowed tech-savvy intruders to penetrate congressional systems.

“Having shown that they’re willing to rummage through and destroy physical papers and run through the offices of our Congress right now with physical destruction, I would not be surprised if they were trying to access some of the computers that were left unlocked, Moussouris says. (Some rioters boasted about looting offices for documents. One person, pictured earlier in Pelosi's office, told the New York Times's Matthew Rosenberg that he plucked an envelope from Pelosi's desk.)

Actions by 'all actors,' including Trump, may be under scrutiny following violence at the Capitol, prosecutor says

  Actions by 'all actors,' including Trump, may be under scrutiny following violence at the Capitol, prosecutor says "We're looking at all actors," Acting U.S. Attorney Michael Sherwin said when asked about the role Trump played.Actions by President Donald Trump, who had encouraged his supporters to go to the Capitol as he continued to falsely claim that the election had been stolen from him, may not be exempted from scrutiny.

The Cybersecurity 202 : The government's cyber workers are back in action. First task: Checking for hacks. PATCHED: International undercover operatives posing as investors targeted members of the cybersecurity watchdog Citizen Lab, which has worked to expose damage to civil liberties caused by

While cybersecurity experts and industry executives describe such warnings as alarmist, intelligence officials say people underestimate how destructive a If hackers were to knock out 100 strategically chosen generators in the Northeast, for example, the damaged power grid would quickly overload

Bad actors could also try to guess the passwords of locked devices, which could be successful if the device lacked a strong password, Moussouris says. Anything more intensive, such as breaking into an iPhone, probably would require a third party. The government normally keeps its most sensitive classified information in separate spaces called sensitive compartmented information facilities.

That's why the extent to which the mob posed a security risk to Congress depends on the expertise of the rioters, Moussouris said. Most, she guessed, are not exactly cybercriminals.

But taking a laptop would give the thief more time to crack into the computer – or even potentially take to a professional to crack into.

House IT officials did not respond for comment about steps they're taking to secure exposed devices. Important practices that all organizations should implement include having multi-factor password protection and a centralized mechanism to wipe devices of data, Moussouris told me.

Fact check: Viral images compare handling of Black Lives Matter protests and Capitol riot

  Fact check: Viral images compare handling of Black Lives Matter protests and Capitol riot Posts on social media use images to compare law enforcement's treatment of Black Lives Matter protests with the Capitol breach.As the events unfolded, many on social media shared images purporting to show the stark divide between law enforcement's handling of the 2020 Black Lives Matter protests compared to the Trump supporters who violently stormed the Capitol.

Cybersecurity experts told Insider that congressional offices need to take immediate steps to secure potentially stolen hardware, and that all the computers The siege of the Capitol by a rioting mob of Trump supporters Wednesday was a historical security failure right at the seat of the US government

Cybersecurity is the convergence of people, processes and technology that come together to protect organizations, individuals Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.

Capitol Police could not be reached for comment about the extent of protesters' intrusions.

The breach will keep congressional IT staff busy.

Kimber Dowsett, director of security engineering at Truss:

Ian Campbell, who previously worked on IT support for members of the House, said that the task of inspecting the equipment is a herculean IT effort.

Yesterday's scare will likely lead to Congress revisiting the playbook for securing devices during an emergency. But ultimately the breach was a physical security problem that's raising major questions, as my colleagues Carol D. Leonnig, Aaron C. Davis, Dan Lamothe and David A. Fahrenthold write.

The final days of Trump's term could be precarious.

In a stark reversal from yesterday's inflammatory rhetoric riling up his supporters, Trump pledged an orderly transition following the voter.

“Even though I totally disagree with the outcome of the election, and the facts bear me out, nevertheless there will be an orderly transition on January 20th,” Trump said in a statement tweeted by White House social media director Dan Scavino.

FBI looking for man in Senate with zip ties, tactical gear; experts call him a rioter 'hunting for people'

  FBI looking for man in Senate with zip ties, tactical gear; experts call him a rioter 'hunting for people' Holding zip-tie handcuffs, a man in paramilitary gear who moved through the Senate Chamber during the Capitol riot alarms counter-terrorism experts.The man was not with security, who'd recently evacuated U.S. Senators and Vice President Mike Pence from the floor below. Experts say he was among the rioters who disrupted U.S. Congress's certification of Trump's election loss with violence, resulting in five fatalities to date.

Trump said he would continue to “fight to ensure that only legal votes were counted.

The keys

A wide-reaching government hack by Russia also hit the Justice Department, officials say.

a person wearing a blue shirt: Former US Attorney General William P. Barr leaves the podium after a news conference. © Michael Reynolds/AFP/Getty Images Former US Attorney General William P. Barr leaves the podium after a news conference.

The agency confirmed that Russian actors accessed its unclassified Microsoft email system, Ellen Nakashima reports.

“At this point, the number of potentially accessed O365 mailboxes appears limited to around 3-percent and we have no indication that any classified systems were impacted, spokesman Marc Raimondi said.

The method used by hackers has been eliminated, he said.

At least ten federal agencies including the Treasury and Homeland Security Department were also breached. The intelligence community is still investigating the attack.

Biden is expected to pick the NSA's top cybersecurity official as the White House's new cyber czar.

a sign on the side of a building: Sign outside the National Security Agency (NSA) campus in Fort Meade, Md. AP Photo/Patrick Semansky, File) © Patrick Semansky/AP Sign outside the National Security Agency (NSA) campus in Fort Meade, Md. AP Photo/Patrick Semansky, File)

Anne Neuberger, a career intelligence official, would play an influential role in the Biden administration's cleanup of the recent months-long hacking campaign, Natasha Bertrand reports. The cybersecurity role within the National Security Council was created in the recently-passed defense authorization bill.

Capitol riot live updates: More arrests, violence across US as Pope Francis condemns 'this movement'

  Capitol riot live updates: More arrests, violence across US as Pope Francis condemns 'this movement' An organization that tracks online activity of white supremacists says many Americans don’t understand how openly the Capitol riot was planned.House Democrats could introduce an article of impeachment against President Donald Trump as soon as Monday alleging "incitement of insurrection" for his role in encouraging a "wild" rally that morphed into a deadly riot. Some Republicans also have expressed support for Trump's removal from office.

Neuberger served as the NSA's first cybersecurity director and has managed intelligence sharing with other agencies and the private sector. That means she could hit the ground running in implementing a Biden cyber agenda

A transition spokesperson declined to confirm the pick to Politico. Neuberger is widely respected by intelligence committee members in Congress and in the private sector. The NSA declined to comment.

Twitter and Facebook locked Trump's accounts for the first time during violent riots by his supporters.

It's an unprecedented step by the two companies, who have often come under criticism for their handling of Trump's inflammatory rhetoric, Tony Romm, Elizabeth Dwoskin and Drew Harwell report. Twitter is set to restore Trump's account after a 12 hour suspension, and Facebook's will be in place for 24 hours.

Facebook also took the rare step of removing a video from Trump laced with misinformation about the riot. YouTube also removed the video.

Tweets from Trump making similar claims were also removed.

“These are the things and events that happen when a sacred landslide election victory is so unceremoniously & viciously stripped away from great patriots who have been badly & unfairly treated for so long,” Trump said in a tweet since removed. “Go home with love & in peace. Remember this day forever!”

Trump could face a permanent ban on the site if he continues to violate its policies when his account is reactivated.

Correction: This piece originally stated Trump's account had been unlocked at time of publication. It was not yet restored.

Former Capitol Police Chief Steven Sund's request for National Guard backup was denied, he says in interview

  Former Capitol Police Chief Steven Sund's request for National Guard backup was denied, he says in interview Former Capitol Police Chief Steven Sund says his requests for National Guard assistance before and during the riot were repeatedly turned down.Sund, who resigned his post the day after the riot, told The Washington Post he had been concerned that the protest planned for Jan. 6 would be larger than expected. Sund said he asked House and Senate security officials for permission to request that the National Guard be placed on standby.

More cybersecurity news:

Huawei appeals Swedish court decision over 5G network exclusion (Reuters)

NYSE will remove share listings of Chinese telecom companies as Trump moves to ban Chinese apps Alipay and WeChat Pay (Jeanne Whalen)

Daybook

  • The Aspen Institute is holding a panel “A Moment of Reckoning: Understanding the Russian Cyber Attack” today at 2p.m. Speakers include Sen. Mark Warner.
  • The Washington Post’s David Ignatius will interview Palantir chief executive Alex Karp to discuss how the company is helping foreign governments manage their coronavirus responses Thursday at 10 a.m. EST.
  • CES will take place virtually from Jan. 11-14
  • SANS will hold an event "BIPOC in Cybersecurity Forum: Cloud Security" on Feb. 18 from 11a.m. to 5p.m.

Secure log off

Watch as Vice president Mike Pence declares Biden the winner of the 2020 presidential election:

In wake of Capitol riot, active-duty Army officer under investigation .
The Army is investigating Capt. Emily Rainey’s presence at the Capitol and what she did there, said Maj. Dan Lessard. Sen. Duckworth has called for broader investigations.The Army is investigating Capt. Emily Rainey’s presence at the Capitol and what she did there, said Maj. Dan Lessard, spokesperson for 1st Special Forces Command (Airborne) at Fort Bragg, North Carolina. It is unclear if she violated any laws, he said.

usr: 8
This is interesting!