Computers with email open —Client– is what we saw in tweets, but my understanding is that injecting malware or replacing routers would more relevant. I definitely expect that changing computers can happen with a transition but it’s all too likely that people would overlook connection devices.
Makes sense -- is there anyone who has experience in gov't IT that can weigh in here on what protocols/practices are in place to reveal changes/mitigate dangers?
Genuinely curious to hear if anyone has knowledge of what security protocols are like/how sandboxed each of those machines are/what is likely to be done to verify that keyloggers weren't installed -- and how quickly something like that can be done, as most of those lawmakers rely on those machines for completing their daily work.
If they could have, they didn't during the invasion -- a not-insignificant number of videos on Twitter/Facebook/TikTok showing individuals actively gaining access to machines in the buildings. I'd really like to know about how this can be handled from a national security perspective, but not finding any resources that can teach what protocol is/needs to be in this case.
