Just got home from a long walk around downtown D.C. Have never seen the city like this. It sounds trite to say, but it was really chilling.
Black Lives Matter Plaza.
A sign welcoming Biden and Harris into office hangs from a building near the Trump hotel.
Walked down a deserted Pennsylvania Avenue, tracing in reverse the famous route that Biden won't be able to take next week.
When I reached the edge of the Capitol's western security perimeter, workers were putting up one of the final pieces of fencing on that side of the building.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
So far, hearing that cyber risks of the Capitol attack were low.
* Congress isn't one big network
* Vulnerable machines held unclassified files
* Hill leaks so much already that truly sensitive stuff is walled off
* Rioters weren't there long enough for thorough, careful access
The only computer reported stolen so far was from Senator Merkley’s office. His staff declined to share details, citing an ongoing investigation.
For those wondering about the SCIFs, used for classified files and conversations, their doors were built to withstand embassy sieges, and they’re swept for bugs before every use.
We haven’t seen any indication that they were even targeted, much less seriously attacked.
More Trump admin CISA drama: DHS recently asked CISA to provide confidential SolarWinds data shared by private companies. CISA refused, fearing harm to industry partnerships if companies don't trust its confidentiality promises.
When companies share technical data about cyber intrusions to help CISA understand the activity, the data sometimes contains proprietary business information.
To encourage companies to feed it insights, CISA promises not to share confidential data with other agencies.
Neither DHS nor CISA denied our reporting, although both agencies emphasized that CISA regularly shares cyber info with DHS.
Add this to the list of strains that have emerged in the relationship between CISA and WH/DHS political appointees late in the Trump administration.
So I'm just now seeing that @OversightDems has published the latest Plum Book (govinfo.gov/content/pkg/GP…), and there are a bunch of errors. Most are attributable to the June 30 "as of" date, but not all — it says we don't have an NSA director!
Unsurprisingly, it still lists Krebs & Travis at CISA. It also lists Suzette Kent, who resigned as federal CIO in July (though she announced it before the Plum Book's "as of" date).
Maybe I'm missing something, but shouldn't it list the assistant directors at CISA? They're PAs.
Organizationally, there are some interesting choices, like listing the CISA director at the end of the agency's section and doing the same with the federal CIO in the relevant OMB section.
Isn't part of the value of this document that it conveys a sense of hierarchy?