[zwp]

I agree. The risk from this intrusion is not a whole lot different (and considerably more overt) than from the access that any number of other people have had to this building in the past. (Tour guides, visiting civilians, contractors, cleaners, ...).

Professional attackers were not waiting to follow a Jamiroquai knock-off around during an event whose CCTV footage will be heavily scrutinized.

(See for example (50 years ago) https://www.nytimes.com/1988/11/15/world/the-bugged-embassy-...).

This may be a good incentive to review policies such as full disk encryption and proximity-card workstation lock/unlock but pulling miles of CAT-6 from this building is not a sensible response: defenses _should_ already account for this sort of threat. If purple team has not already "what if"'ed this particular variant of the evil maid problem then that's a serious issue but clearly weak physical security was already a known feature of the threat model.