January 6, 2021 — it is now a day that lives in infamy in the United States. It’s a day that saw an unprecedented riot occur at the U.S. Capitol, with what started as a protest against the certification of the 2020 Electoral College results turn into what’s been deemed a violent insurrection.
So far, it has been reported that five people died during the attack. It was started by sympathizers of President Donald Trump who assembled to protest the results of the recent election. It turned violent, with public property that represent the heart of American democracy defaced and compromised while a whole debate has erupted over how this could happen in the first place.
Beyond the political storm surrounding the event, it also reflects serious security concerns.
What does the events of that day say about the state of security in this new year?
‘A nightmare scenario’
It is said that the riot and ensuing attack on the Capitol building is a “nightmare scenario” for cybersecurity officials.
Tonya Riley of The Washington Post writes that the domestic terrorism attack exposed considerable security flaws of the building itself — and our government as a whole.
For one, the immediate evacuation of Congressional offices meant computers and mobile devices were left unattended. This is particularly dangerous given the classified and highly sensitive information contained in the Capitol. While this has implication for national security, it brings with it reminders for all of us about our own personal security protocols.
“There’s an old saying, if an attacker has physical access to your computer, it’s not your computer anymore,” Katie Moussouris, CEO and founder of Luta Security, told Riley.
One of the most stunning revelations was that rioters accessed at least one unlocked computer in the office House Speaker Nancy Pelosi — who is privy to some of the most sensitive information in the country. This gave the attackers access to emails believed to belong to one of her staffers. It wasn’t just Pelosi — Sen. Jeff Merkley of Oregon revealed a computer was actually stolen from his office.
Why you should secure your devices and information
Mousourris stressed the importance of having a strong password for all your devices. It is possible some of the rioters could guess passwords that might not have been very secure in the first place.
If an iPhone is left exposed, for instance, it is harder to hack an Apple device without a third party able to get around the authentication systems the company puts in place for all their devices.
That being said, Mousourris explained that stealing a computer and bringing it to another location is a real concern. There is more time for someone to either crack into the computer themselves or employ a professional hacker.
What does this mean for you?
As always, practice good security hygiene, if you will. Make sure you devise strong passwords for all devices, consider installing robust security at your private home or business, and don’t leave important technology or sensitive information physically exposed and easily accessible.
You don’t have to be a member of Congress or a government official to understand that this month’s attack on the Capitol bears serious ramifications for all of us. It may be a new year, a fresh start, but it is still one that has revealed security threats are ever present.
Peter Cavicchia II 