From a cybersecurity standpoint, the events at Capitol Hill could not have come at a worse time. While many government agencies are still assessing the extent of the damage suffered from the SolarWinds hack, yesterday’s riots just opened the door for more cyber attacks against institutions, businesses and individuals in the US.
In fact, the threats are multiple and everybody, especially the cybersecurity professionals working for the Federal Government, should remain in high alert.
2 hours of physical breach offered ample time to any attacker to do a lot of harm.
Credentials could have been stolen. Intelligence could have been gathered. Personal information of lawmakers and their staffers could have been collected for future use in social engineering attacks. Bad actors could have gained physical access to critical federal computer systems. Disinformation campaigns, fake photos/audios/videos related to the events are already circulating online and will keep spreading like wildfire.
I want to believe that swift actions are being taken to mitigate the risks and avoid the worst consequences of yesterday’s disturbance.
I imagine that the IT network is being thoroughly and immediately swept.
I imagine that most physical devices (modems, WiFi routers, PCs, cameras, microphones) are being examined and replaced.
I also imagine that lawmakers’ personal devices such as smartphones, tablets and laptops are all being checked and may be updated.
I imagine a lot being done to remove any potential vulnerability, and to restore faith and trust in the system.
The media and all of us, cyber citizens, can also help. For instance, we should refrain from sharing unverified news and content.
After witnessing the lax physical security at the Capitol Building, now more than ever, we know that we can’t take anything for granted.