Did the Capitol Raid Compromise America’s Top Secrets?

There is a secured room in the basement of the US Capitol where some of the country’s most important military and intelligence secrets are kept.

Known as a Sensitive Compartmented Information Facility, or SCIF, the House Intelligence Committee Office Suite is one of several such secure rooms scattered across the Capitol Hill complex where lawmakers receive classified briefings on the threats facing the United States, as well as America’s secret military and intelligence operations.

According to accounts by security officials, the House Intelligence Committee Office Suite was not breached, nor was the secure facility specifically targeted during Wednesday’s raid. However, the fact that other offices in the building — including that of House Speaker Nancy Pelosi — were ransacked has sparked security concerns in some quarters, raising the specter that classified information related to US national security may have been stolen during the rampage.

Other experts contend that foreign intelligence agents or cybercriminals would have been hard pressed to expeditiously exploit Wednesday’s unanticipated security breakdown for the purposes of a concerted intelligence gathering operation or cybercrime.

“This is probably going to take several days to flesh out exactly what happened, what was stolen, what wasn’t,” said Michael Sherwin, acting US attorney for the District of Columbia, CNN reported. “Items, electronic items, were stolen from senators’ offices. Documents, materials, were stolen, and we have to identify what was done, mitigate that, and it could have potential national security equities. If there was damage, we don’t know the extent of that yet.”

The ransacked office of the Senate Parliamentarian: pic.twitter.com/E7PsSgoAEX

— Ali Zaslav (@alizaslav) January 7, 2021

A mob of President Donald Trump’s supporters stormed the US Capitol on Wednesday, interrupting the certification of President-elect Joe Biden’s win in the 2020 election. Five people reportedly died in the melee, including a Capitol Police officer.

Across the Capitol building, offices were pillaged, leaving reams of documents scattered on the ground in places. Pelosi’s office was sacked, and a laptop was reportedly stolen from the office of Sen. Jeff Merkley from Oregon. According to news reports, several other senators’ offices were ransacked, as well as the office of the Senate Parliamentarian.

The official electoral ballots were rescued from the Senate floor by some quick-thinking Congressional staffers — likely thwarting a gambit by some of the rioters to curtail the affirmation of Biden’s election victory.

“If our capable floor staff hadn’t grabbed them, they would have been burned by the mob,” Merkley said in a tweet.

Members congress shelter in the House gallery as protesters try to break into the House Chamber at the U.S. Capitol on Wednesday, Jan. 6, 2021, in Washington. (AP Photo/Andrew Harnik) pic.twitter.com/nOAbIHuexK

— Andrew Harnik (@andyharnik) January 6, 2021

There are several mitigating circumstances that likely reduce the security fallout from Wednesday’s mob raid, according to some cybersecurity experts. For one, Congressional offices are not located in the historic Capitol building. Rather, the offices of House members and senators are scattered across a campus of buildings in the broader Capitol Hill complex. Those other office buildings were not breached during Wednesday’s mob violence.

Senators are usually afforded a so-called “hideaway” within the Capitol itself. These discreet, unlisted workspaces range from the lavish to the Spartan based on a senator’s seniority. The hideaways are located on all four floors of the Capitol, including in the basement, and are used by senators for confidential meetings, naps, or other personal reasons.

The speaker of the House of Representatives also has an office in the Capitol building. Located on the first floor, Pelosi’s hideaway is known as the “Board of Education room.”

One of Wednesday’s indelible images is that of a Trump supporter sitting with his feet up on Pelosi’s desk. Another shows a folder on the speaker’s desk with the writing, “WE WILL NOT BACK DOWN” in red ink. In that photo, the computer screen on Pelosi’s desk appears to be all black, suggesting her computer was either locked or powered off at the time. However, another photo posted to Twitter purports to show the computer of one of Pelosi’s staffers left on with its email open.

A supporter of President Trump sits inside Speaker Pelosi's office. pic.twitter.com/xyhj0Lziro

— NBC News (@NBCNews) January 6, 2021

Senate computers purchased since October 2018 have been encrypted as a matter of course. Moreover, Congressional staff and committees do not operate on a unified server, experts say, meaning that a physical breach on one computer would not permit widespread access to networked data.

Politico reported that the House Chief Administrative Office told staff in a Thursday evening memo that “at this time, there have been no indications that the House network was compromised.”

There are widespread media reports that many staffers working in the Capitol building left their workspaces in such a hurry on Wednesday that they didn’t properly shut down their computers. In any case, members of Congress and their staffs can’t access classified information on their work computers. They can only do so within the confines of a SCIF.

The computers in the Capitol’s offices — indeed, in any office in the Capitol Hill complex outside of a SCIF — should not hold classified information. That is, unless the owner of that computer was committing a security violation by accessing such information on an unauthorized computer, which is an illegal act punishable by prison time.

“I’m not worried about this incident from an [information security] perspective,” tweeted Mieke Eoyang, a former Capitol Hill staffer who worked on issues related to cybersecurity, defense, and intelligence.

“Congressional offices deal in unclassified information. Most of the things they deal with are open source,” Eoyang wrote on Twitter. “Classified information [is] dealt with in designated Congressional SCIFs. No indication those were breached.”

SCIFs are colloquially known as “vaults” within military units, and access to them is limited by tight, multilayered security protocols. There’s typically a guard out front and entrants have to leave all electronic items outside the door. Lawmakers without clearances are allowed inside Congressional SCIFs to review classified documents, but they have to be ushered in and out by a handler and cannot take notes. Otherwise, access is denied to staff members who do not hold the appropriate, active security clearances.

The House Intelligence Committee Office Suite was built in the Capitol Visitor Center after the Sept. 11, 2001, terror attacks, replacing another SCIF that was located on the fourth floor of the Capitol.

The walls of a SCIF are usually built with special materials to impede electronic eavesdropping efforts by foreign adversaries. The doors are typically built to withstand a mob pounding on the door to get in — such as during an embassy seizure, for example.

As of April 2019, some 637 Senate staffers had active security clearances, said Mandy Smithberger, director of the Center for Defense Information at the Project on Government Oversight, during testimony before the Senate Appropriations Committee in May. Of that number, some 353 held secret or top secret clearances, and 284 had higher Top Secret/Sensitive Compartmented Information clearances, Smithberger told the Senate in May.

Apart from classified material, there is also the risk that Wednesday’s rioters may have had access to other confidential information related to the personal affairs of lawmakers and their staffs. The rioters may have gained access to emails and calendars, as well as other sensitive files, experts say.

While not critical to US national security, per se, such information could compromise the safety of lawmakers, or leave them open to other forms of harassment. Also, despite the ad hoc nature of Wednesday’s raid, some cybersecurity experts worry that cybercriminals intermingled with the rioters would have been able to physically implant malware on Congressional computers.