When a pro-Trump mob stormed into the U.S. Capitol on Jan. 6, rioters didn't just smash windows and break furniture. They also pilfered at least two laptops: one from the office of Oregon Democratic Sen. Jeff Merkley, another from a conference room used by Democratic House Speaker Nancy Pelosi.
The next day, House administrative officials notified members' offices that while there weren't any indications the network had been compromised, they had taken several actions to secure and protect sensitive information, including locking computers and shutting down wired network access.
As state capitols brace for the threat of armed pro-Trump rioters at Wednesday's presidential inauguration, information technology experts warn that officials must beef up not only their physical security but also their cybersecurity.
"There are many cyberthreats, and everything's heightened right now," said Dan Lohrmann, chief security officer for Security Mentor, a national security training firm that works with states. "If hackers could push a button and destroy data or cause problems with the functioning of government, that's a big fear."
Legislative IT officials must be prepared for both in-person and remote attacks, cybersecurity experts say. They recommend that legislators' and staffers' laptops and other electronic devices be locked or secured and hard drives encrypted. State legislatures also should be using two-factor authentication, a second method of confirming identity online before someone logs in, usually by entering a randomized one-time password or number sent to a smartphone or email address.
"We'd like to think all laptops are encrypted and that there is two-factor authentication," Lohrmann said, "but I know that those policies aren't followed in all states."
In Washington state, where Democratic Gov. Jay Inslee has called up as many as 750 National Guard members to help protect the state Capitol, legislative IT officials also have been preparing, said Michael Norris, cybersecurity administrator for the state's Legislative Service Center.
"We're ready to go, in the event that something like what happened in Washington, D.C., happens here," Norris said. "We're prepared to lock computers and disconnect them from the network."
An incident response plan is in place, as are multiple levels of security, Norris said. Laptops and devices already are encrypted, and legislative staffers and members use two-factor authentication.
"Are we perfect? No," he said. "But we're definitely going to prepare for it as best as we can."