Jan 7, 2020

Rioters Had Physical Access to Lawmakers’ Computers. Soltani Weighs in on the Security Risk.

From Vice

Rioters Had Physical Access to Lawmakers’ Computers. How Bad Is That?

By Lorenzo Franceschi-Bicchierai

On Wednesday, hundreds of Donald Trump supporters rioted and stormed the Capitol, getting into the Senate and the offices of some lawmakers, who were hastily evacuated. 

Given how quickly some staffers and lawmakers had to leave, some of them left their computers unlocked and unattended, and some of the terrorists were photographed in front of them. Cybersecurity experts now worry that the rioters had a chance to get their hands on sensitive data, and more importantly, compromise the security of the whole IT system at the Capitol...

"The terrorists/rioters would have easily gained access to congressional files, shared calendars, and emails (including potentially email lists of constituents and supporters for any given congressman)," Ashkan Soltani, a security researcher and the former chief technology officer at the FTC, told Motherboard in an online chat. 

Soltani explained that given that the Freedom of Information Act (which allows the public to request internal public documents) doesn't cover Congress, some of the contents of staffers emails and documents are probably "much more candid in terms of internal plans and deliberations." 

"Finally, I do think there is also the potential to implant malware on the internal network via one of these systems since there was physical access," he added. 

Read more...

Ashkan Soltani is a MIMS alumnus (2009), and an independent researcher and technologist specializing in privacy, security, and behavioral economics.

Last updated:

January 11, 2021