When insurrectionists occupied the US Capitol on Wednesday, they did not alter the outcome of the presidential election, but they did ransack the offices of lawmakers, rifle through computer files and emails, and steal personal electronics and documents.
Those actions could pose serious harm to the United States.
A full accounting has yet to be completed, but US Attorney Michael Sherwin said during a news briefing Thursday that materials were stolen. “We have to identify what was done, mitigate that, and it could have potential national security equities.” Sherwin said, adding that “a large amount of pilfering at the Capitol” had occurred. On Thursday evening, CBS News reported that a laptop possibly containing sensitive national security information was among the objects stolen.
Security and espionage experts told BuzzFeed News that highly sensitive information could have been taken, material that adversaries could exploit to take advantage of the US in this moment of crisis or to undermine President-elect Joe Biden.
The chaotic nature of the mob and the short amount of time it was in control of the Capitol means it was unlikely that any foreign spies penetrated the halls of Congress. A former high-ranking FBI official who worked in the cyber unit told BuzzFeed News it was possible — though unlikely — that spies had used the riot as an opportunity to infiltrate Congress.
“A lot of planning goes into an installation of a bug even though it may only take seconds to install," the former official said. “I think it’s unlikely just based on my opinion the breach wasn’t premeditated to the point where someone could have done proper advanced planning for an install, but something crude could have been left behind.”
Nevertheless any material that was taken could still end up in the hands of adversaries.
“What you’re really looking for is something from those people who might be on an interesting committee — Foreign Affairs or whatever — who might have some documents,” Mark Galeotti, a senior associate fellow at the London-based Royal United Services Institute, told BuzzFeed News. “But also you might have someone with budgetary documents that might give some sense of where money is going for various projects or agencies.”
“If I was sitting in the rezidentura, the [Russian] Embassy, whether I was the [Foreign Intelligence Service] or [Military Intelligence Service], I would immediately be thinking, OK, well there are these things that are out in the wild — and this is where your human sources count — so who do I have in this world who would love to buy these things?” Galeotti said.
Despite widely circulated pictures of an unsecured laptop accessed by members of the mob in Rep. Nancy Pelosi’s office, the House’s chief administrative officer said in a statement that it “took several actions” during the riot to protect the Congress’s digital infrastructure, including “issuing commands to lock computers and laptops and shutting down wired network access.”
“At this time, there have been no indications that the House network was compromised,” the statement reads.
Among the members of Congress whose offices were breached was Sen. Jeff Merkley of Oregon. Late on Wednesday, he tweeted a video of what he called the “trail of destruction and looting.”
Taking viewers on a tour of his office, Merkley said the door was nearly torn off its hinges, artwork on his walls ripped down and destroyed, and trash strewn about the floor. He also said rioters had stolen a laptop left on his desk.
“What happened today was an assault by the domestic terrorists who stormed the Capitol, but it was also an assault on our Constitution,” he said.
Merkley did not return a request for comment from BuzzFeed News.
The “crown jewels” of sensitive US information are unlikely to be found in the Capitol building, Galeotti said. Most of the material available to lawmakers is tedious and pointless.
Mieke Eoyang, senior vice president for the National Security Program at the think tank Third Way and former subcommittee staff director on the House Permanent Select Committee on Intelligence, told BuzzFeed News that the risk of sensitive information being leaked was mitigated by Congress's decentralized IT system.
“Members of Congress operate like their own small businesses; they may have a shared email service, but often offices independently make decisions about having a Mac versus a PC,” she said. “There’s not really a centralized distribution point to make sure everyone has the same security and not everyone has the same cloud. So that means that a compromise of one office doesn’t necessarily mean that the entire congressional enterprise is compromised.”
Nonetheless, even a device with seemingly no information on it could still be of value if it contained sensitive personal information or reused passwords.
And regardless of what was taken, counterintelligence agents cannot afford to take chances. “You have to operate on a fairly conservative basis,” Galeotti said. “If it could have been broken into, could have been leaked, then you have to assume that it might.”
Additional reporting by Jason Leopold.