Everthing in that building that plugs into the wall should be discarded and with a known good device. That includes network infrastructure and even cabling.
Between this and the recent SUNBURST fiasco, there are going to be some long discussions about security policy.
I think that would be a good start. Then again, I also don't think it should have been so trivial for infiltrators to access content on congressional computing devices in the first place, even with physical access.
I'm not sure about other devices in the building, but there's plenty of stuff going around about Pelosi's laptop in her office. Was it just left unlocked and unattended? Did it even have an OS password? If it did, was that password written down somewhere such that infiltrators could easily access it?
Replacing all of the compromised tech is a good start, but clearly we need to hold our politicians to a higher standard when it comes to securing their devices.
Everthing in that building that plugs into the wall should be discarded and with a known good device. That includes network infrastructure and even cabling.
Between this and the recent SUNBURST fiasco, there are going to be some long discussions about security policy.