Illustrated by Security Management

Storming SCIF Causes Security Breach on Capitol Hill

U.S. Representatives Matt Gaetz (R-FL) and Steve Scalise (R-LA) led a group of lawmakers into a closed hearing on Capitol Hill on Wednesday in a major breach of protocol and security.

Gaetz and Scalise were leading a group of 24 Republicans into a hearing room in the basement of the U.S. Capitol where three U.S. House of Representatives committees are conducting an impeachment inquiry. Only members of the Intelligence, Oversight and Reform, and Foreign Affairs Committees are allowed in the room during official proceedings.

“We are going to try and go in there, and we’re going to try to figure out what is going on on behalf of the millions of Americans that we represent who want to see Congress working for them, and not obsessed with attacking a president who we believe has not done anything to deserve impeachment,” Gaetz said in a press conference outside the hearing room.

The lawmakers then disregarded security personnel’s instructions not to enter the room and to leave their smartphones and other electronics outside. They then entered the room, providing updates on Twitter about their ability to breach the facility. The congressmen were ultimately removed by the Sergeant at Arms, who is responsible for security at the House of Representatives.

While the incident was a breach of congressional protocol, it also compromised the security of the hearing room itself, which is set up as a SCIF—a Sensitive Compartmented Information Facility. These rooms must meet strict security requirements to prevent outsiders, such as spies, from gaining access to the information discussed within them.

The U.S. Office of the Director of National Intelligence (ODNI) creates guidelines for SCIFs, which need to have radio frequency shielding, walls with sound-attenuation material, and electronics that conform to the National Security Agency’s TEMPEST specification, among other extensive requirements.

“Working in any SCIF can be a challenging experience,” explained Mieke Eoyang, head of the national security program at Third Way and former staffer on the House Intelligence Committee, in an op-ed for CNN. “People who work in these facilities take their security protocols very seriously because they know the sensitivity of the information they are designed to protect. You sit behind a vault door, often in a room with no windows, surrounded by highly sensitive information that you have an obligation to safeguard. You check your electronic devices outside the room; accidentally bringing them in can trigger a reprimand, an investigation, or worse—if the violation is intentional, it could include a loss of clearance or even your job.”

These protocols are especially stringent for the hearing room the lawmakers entered, which is used by the House Permanent Select Committee on Intelligence. This is where legislators conduct oversight of America’s intelligence programs in addition to other investigations authorized by the committee.

“A SCIF is designed and regulated to be a secure space—and that means keeping out electronic devices that malicious actors can exploit to conduct surveillance,” said Joshua Geltzer, former senior director for counterterrorism at the National Security Council, in an interview with WIRED. “Bringing those into such a space can cause real national security vulnerabilities.”

Following the breach, the Sergeant at Arms, Paul Irving, and his team led a security sweep of the room. U.S. Representative Bennie G. Thompson (D-MS), chair of the House Homeland Security Committee, also requested that Irving take action against the individuals who ignored security protocols and entered the SCIF.

“This unprecedented breach of security raises serious concerns for Committee Chairmen, including me, responsible for maintaining SCIFs,” Thompson wrote in a letter to Irving. “As such, I am requesting you take action with respect to the Members involved in the breach. More broadly, I urge you to take House-wide action to remind all Members about the dangers of such reckless action and the potential national security risks of such behavior.”

Lawmakers and security professionals were especially concerned about the ability of some individuals to carry unauthorized electronic devices into the SCIF because lawmakers are targets for foreign adversaries.

Members of Congress “often meet with officials from other governments, travel internationally, and communicate with the most senior executive branch officials, including the president,” Eoyang explained. “Many of these members also do not come to their jobs with a background in cybersecurity, and are often confused by technology, so their security practices may not be strong. Compromising the smartphone that sits in the pocket of a member of Congress could yield insights into political strategies, foreign policy, or even salacious information that could be used to manipulate or coerce that individual.”

And while lawmakers are especially lucrative targets for these kinds of attacks, executives and other high-value targets (HVTs) are increasingly targeted by individuals seeking access to their devices through pivot attacks.

Pivot attacks exploit vulnerabilities in devices and networks that HVTs use but that are not under the control of their respective organization, such as a personal smartphone or laptop, to gain access to the enterprise.

“They take advantage of the fact that senior leaders have access to a wide range of sensitive corporate information, are constantly on the move, and inevitably have personal devices which connect to corporate networks,” Cypient Black found in its report, The Entangled Enterprise.