- An internal House probe concluded that Pakistani IT aides Imran Awan along with four other individuals inappropriately accessed House servers and moved data
- They impersonated at least 15 U.S. House members they did not work for and the Democratic Caucus, using their credentials to gain access to the system - a federal offense.
- Data was migrated from several servers onto a single server, which disappeared while being monitored by police
- The Awans engaged in a "pattern of login activity" which suggest steps were taken to conceal their activity
- House Democrats in turn misrepresented the issue to their own members as solely a matter of theft
- No criminal charges have been filed related to the data breaches or a number of other violations
In what must surely warrant a Special Counsel by now, an internal House investigation concluded that Pakistani IT aides Imran Awan and wife Hina Alvi, along with Imran's brothers Abid and Jamal and a friend, impersonated at least 15 U.S. House members for whom they did not work - using their credentials to log into Congressional servers, before migrating data to a single server, which was stolen during the investigation, all while covering their tracks - reports Luke Rosiak of the Daily Caller.
This, and much more is detailed in a presentation assembled the House's internal watchdog - the Office of the Inspector General, after a four-month internal probe.
The presentation, written by the House’s Office of the Inspector General, reported under the bold heading “UNAUTHORIZED ACCESS” that “5 shared employee system administrators have collectively logged into 15 member offices and the Democratic Caucus although they were not employed by the offices they accessed.” -DC
One systems administrator “logged into a member’s office two months after he was terminated from that office,” reads the investigative summary.
There are strong indications that many of the 44 members’ data — including personal information of constituents seeking help — was entirely out of those members’ possession, and instead was stored on the House Democratic Caucus server. The aggregation of multiple members’ data would mean all that data was absconded with, because authorities said that entire server physically disappeared while it was being monitored by police. -DC
The OIG also concluded that the Awans' behavior appeared to be a "classic method for insiders to exfiltrate data from an organization," as well as indications that a House server was "being used for nefarious purposes and elevated the risk that individuals could be reading and/or removing information," and "could be used to store documents taken from other offices," the Caller reports.
A House committee staffer close to the probe told The Daily Caller that “the data was always out of [the members’] possession. It was a breach. They were using the House Democratic Caucus as their central service warehouse.”
“All 5 of the shared employee system administrators collectively logged onto the Caucus system 5,735 times, an average of 27 times per day… This is considered unusual since computers in other offices managed by these shared employees were accessed in total less than 60 times,” the presentation reads.
The internal document also shoots down any notion that the access was for some legitimate purpose - indicating "This pattern of login activity suggests steps are being taken to conceal their activity."
A second presentation shows that shortly before the election, their alleged behavior got even worse. “During September 2016, shared employee continued to use Democratic Caucus computers in anomalous ways:
- Logged onto laptop as system administrator
- Changed identity and logged onto Democratic Caucus server using 17 other user account credentials
- Some credentials belonged to Members
- The shared employee did not work for 9 of the 17 offices to which these user accounts belonged.”
The second presentation found "possible storage of sensitive House information outside of the House ... Dropbox is installed on two Caucus computers used by the shared employees. Two user accounts had thousands of files in their Dropbox folder on each computer," which is strictly against House rules due to fact that Dropbox is offsite.
Under the Computer Fraud and Abuse Act (CFAA), simply accessing a computer and obtaining information carries a sentence of up to 10 years for more than one conviction of the same abuse. Trespassing on a government computer also carries a 10 year sentence. You can see the rest of the CFAA penalties below, many of which appear to fit the Awan case:
While each violation above carries its own penalties, let's look at the first one; National Security violations Under the CFAA, a felony:
Whoever— (1) having knowingly accessed a computer without authorization or exceeding authorized access, and by means of such conduct having obtained information that has been determined by the United States Government pursuant to an Executive order or statute to require protection against unauthorized disclosure for reasons of national defense or foreign relations, or any restricted data, as defined in paragraph y. of section 11 of the Atomic Energy Act of 1954, with reason to believe that such information so obtained could be used to the injury of the United States, or to the advantage of any foreign nation willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit or cause to be communicated, delivered, or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it to the officer or employee of the United States entitled to receive it . . . shall be punished as provided in subsection (c) of this section.
The punishment under 18 U.S. Code § 1030 is up to 20 years in prison for each violation.
Meanwhile, House Democratic leadership has been downplaying the alleged breach by pointing to recent bank fraud charges the Awans were slapped with after Imran Awan was arrested at Dulles International Airport attempting to flee the country.
Rep. Ted Lieu of California, who employed Abid Awan and is a member of the foreign affairs committee, said as far as he was concerned it was a simple issue of bank fraud.
“The staffer that I used, there was no allegation,” he told a TV station. “If you look at the charge of the brother, he was charged with bank fraud… that has nothing to do with national security.” -DC
The only Democrat who appears to have attempted to intervene with the Awans' access is Rep. Xavier Becerra who ran the House Democratic Caucus server, knew about the unauthorized access, and tried to stop them according to the OIG report - however "the suspect defied him." That said, Bacerra does not appear to have warned other offices that might have been affected.
“The Caucus Chief of Staff requested one of the shared employees to not provide IT services or access their computers,” the OIG report reads, adding “This shared employee continued.” Unfortunately, while police were keeping tabs on the server as a primary piece of evidence in their ongoing investigation, they discovered in January that it was taken from under their noses and replaced with a different computer"
To read more about the Awans, take a look at the extensive reporting below by Luke Rosiak:
Imran Awan: A Continuing DCNF Investigative Group Series
- Court docs
- House IT Aides Ran Car Dealership With Markings Of A Nefarious Money Laundering Operation
- Becerra Tried To Block Awan From House Democratic Caucus Server, But Logins Continued; He Didn't Go To Cops
- Hard Drive Tied to Wasserman Schultz Is Central To Imran Awan Case
- 18 Months In, Dem IT Aides Not Charged With Hill Crimes Despite Evidence
- Used Political Influence To Have Fraud Charges Dropped In Pakistan
- Own Wife Turns, Accuses Him Of Fraud, Violent Threats
- Imran Awan 'Very Strongly' Wants To Block Review Of Hard Drive, Was Using Alias
- Lawyer Says Congressmen Wanted Invoices Falsified
- Sending Money To Police Officer In Pakistan
- Funneling 'Massive' Data Off Congressional Server, Dems Claim It's Child's Homework
- 'Like a Slave': Three Muslim Women, At Least One Of Them Bloodied, Called Police on Imran
- Had Secret Server, Caught Falsifying Evidence To Cover It Up
- Imran Still Has Copy Of House Laptop DWS Said Has Sensitive Leg-Branch Info
- DWS Laptop Found at 3AM In Phone Booth With Letter To Prosecutors
- Awan Asks Judge To Remove GPS, Citing Possible Emergency With Kids--Who Are In Pakistan
- Has Secret, Still-Active House Accountfirstname.lastname@example.org--Linked To Intelligence Specialist
- DWS 'Islamophobia' Claim Prompts Angered Witnesses To Go Public
- Rep. Yvette Clarke Quietly Signed Away $120,000 In Missing Equipment
- Imran, Hina Indicted For Conspiracy Against U.S.
- DWS Now Says Laptop She Sought To Keep From Police Was Awan's, Not Hers
- Liquidating $1.8M In Real Estate When Arrested, Some Still Pending
- DWS Seemingly Planned To Pay Suspect Even While He Lived In Pakistan
- Lawyer Is Longtime Clinton Associate
- Arrested At Airport After Wiring $300k To Pakistan
- FBI Seized Smashed Hard Drives From Home
- Ex-DNC Head 'Negotiating' With Police Over Letting Them See Evidence
- Dems Tying Themselves Into Knots To Ignore Criminal Probe
- 'You'd Like Him:' Associates Describe 'Cunning,' Charismatic Con Artist
- In Personal Lives, Evidence Of Massive Cons
- House Dems Hired A Fired McDonald's Worker As Email Administrator
- DWS Admits To Violating Network Security, Blames House
- Wasserman Schultz Threatened Police Chief For Gathering Evidence
- Suspect Has Fled To Pakistan, Relative Says
- House IT Aides Fear Suspects In Hill Breach Are Blackmailing Members
- Read the Court Docs Detailing Their Greed, Ruthlessness
- Paul Ryan: Capitol Police Getting 'Assistance' On Criminal Investigation
- Brothers Could Read Every Email Of Dozens Of Congressmen
- ...Also Had Access To DNC Emails
- ...Allegedly Kept Stepmom In 'Captivity' To Access Offshore Cash
- ...Received $4 Million From Dem Reps
- ...Owed Money To Hezbollah-Connected Fugitive
- ...Secretly Took $100K In Iraqi Money
- Brothers Had Massive Debts, Years Of Suspicious Activity
- House Intelligence, Foreign Affairs Committee Members IT Compromised