Facial Recognition at Capitol Hill - ThreatWire
Added 2021-01-12 19:18:38 +0000 UTC
On Wednesday January 6th, hundreds of protesters breached the Capitol in DC, roaming the halls, destroying government items, and stealing electronic items of significance, including laptops. If treated similarly to other physical breaches, then in a worst case scenario, cybersecurity professionals would assume that any current passwords, sensitive documents, or data could’ve been stolen. And as we’ve learned from Hollywood (and Hak5), you only need a short period of time and access to a computer in order to infect it with malware using a simple USB drive.
Fake power strips, WiFi routers or iPhone cables could’ve been left behind and yes, all of these do exist in real life. Since Congress went back to work that same evening within the same building after the mob was removed, they could be using compromised devices. Cybersecurity professionals recommend full wipes and rotating credentials just in case, since the full scope of operational, digital and physical security breaches is currently unknown. Of course, planning this type of attack would require some research, but anyone with a little social engineering know how could blend in with the crowd and get into the building.
Due to the acts of violence, law enforcement and lawmakers have responded in a couple of different ways. First, Senator Mark Warner, Democrat of Virginia and incoming Senate Intelligence Committee chair, sent a letter to several companies who generally comply with court issued preservation orders of data - specifically Facebook, T-Mobile, Verizon, Apple, AT&T, Google, Gab, Parler, Signal, Telegram, and Twitter. He requested that these companies preserve whatever data they have from that day’s events in order to help piece together what happened and the perpetrators involved. That includes data such as messages to and from participants.
The CEO of Clearview AI, a company contracted to implement their facial recognition technology in businesses and organizations, explained that they saw a 26% spike in usage on January 7th, the day after the riot. According to reports, police departments in various parts of the US are using Clearview to identify the faces of people seen in the images taken at Capitol Hill. After drawing a lot of attention last year, Clearview said they would stop the sales of their technology to private businesses, only making available to law enforcement.
Lastly, according to authorities, data is being collected and analyzed from the Capitol’s own networks. If a rioter didn’t turn off their devices radios and automatically connected to the guest WiFi or cell phone towers within the building’s infrastructure, then that data would be collected. While many thought these perpetrators got away free from prosecution, some have already been arrested just days later due to the massive collection of forensic evidence such as facial recognition and data capture.
Events like this one could cause more surveillance in more spaces, not just within the walls of a government building. Folks may praise the government's use of technology to catch these criminals, but this same technology has historically been used to track and target a very different group of people.
https://www.cyberscoop.com/capitol-hill-unrest-trump-cybersecurity/
https://cdn.vox-cdn.com/uploads/chorus_asset/file/22224462/capitol_attack_twitter.pdf
https://www.washingtonpost.com/technology/2021/01/08/trump-mob-tech-arrests/
Watch the full episode: https://shannonmorse.podbean.com/e/capitol-hill-using-facial-recognition-to-id-rioters-solarwinds-update-cloning-google-titan-u2f-keys-threatwire/
