Former congressional IT aides at the heart of a hacking scandal that has been brewing since September 2016 had access to the congressional email systems of at least 59 House Democrats.
The House Office of Inspector General discovered in 2016 that five IT aides had made thousands of suspicious logins to congressional servers and had transferred large amounts of data using Dropbox accounts.
Imran Awan, a naturalized Pakistani national, first began working for Congress in 2000 as an IT contractor and was hired by five House Democrats in 2004.
After Awan hit the congressional pay cap in 2005, making as much as a congressman, his brother Abid Awan joined the payroll in 2005. This pattern repeated itself to include both the wives of Imran and Abid, as well as their other brother, Jamal Awan, and Rao Abbas, a man to whom Abid Awan owed money.
Despite lacking IT experience, the family members were paid more than regular IT employees in Congress, making a combined total of $7 million by 2017.
Altogether, the IT aides were hired by 44 House Democrats and no Republicans or Independents. Each of the representatives had waived a background check on the employees, despite there having been red flags, such as the fact that Imran Awan would work months at a time from Pakistan and that Abbas had filed for bankruptcy in 2012 and had debts.
The Daily Caller News Foundation (DCNF) reported in April that Imran Awan’s father, Haji Ashraf Awan, had transferred a USB drive to a Pakistani senator and former head of a Pakistani intelligence agency.
A former business partner of Imran Awan’s father also said that Imran had bragged that he has the power to “change the U.S. president.”
Access to Emails
According to a briefing provided to House leadership in September 2016, the five shared IT workers, Imran Awan, Abid Awan, Hina Alvi Awan, Jamal Awan, and Rao Abbas, had “collectively logged into 15 member offices and the Democratic Caucus, although they were not employed by the offices they accessed.”
This access was in addition to the legitimate access they were given by the 44 members of the House that employed them.
This means that the IT aides were able to access the personal data, including emails, of at least 59 House Democrats. Other data stored on the congressional servers were the representatives’ calendars, personal files, and constituents’ data.
In some cases, the emails of representatives could have contained sensitive or classified information. The IT aides had access to the emails of representatives who serve on the House Permanent Select Committee on Intelligence, the House Committee on Homeland Security, and the House Committee on Foreign Affairs.
As seen during the 2016 presidential elections, when emails belonging to Hillary Clinton’s campaign manager John Podesta were leaked to Wikileaks, much can be at stake for politicians when it comes to email security.
If evidence of wrongdoing, or embarrassing information, is contained in the emails or personal files, they could potentially be used for blackmail.
President Donald Trump commented on the case on June 7, saying that “the Democrat I.T. scandal is a key to much of the corruption we see today.”
Suspicious Data Transfers
The House inspector general told House leadership, in a PowerPoint presentation that was not released publicly, that the five IT workers had made 5,735 logins into the Democratic Caucus system during a surveyed period of seven months.
It also said that the “pattern of login activity suggests steps are being taken to conceal their activity.” According to the inspector general, the excessive logins could mean the “computers could be used to store documents taken from other offices or evidence of other illicit activity.”
Two of the Democratic caucus computers used by the shared employees had Dropbox installed on them, against House IT rules. According to the inspector general, thousands of files were stored in the Dropbox accounts used, with some of the information likely being sensitive.
“While file sharing sites, such as Dropbox, have legitimate business purposes, use of such sites is also a classic method for insiders to exfiltrate data from an organization,” the House inspector general said in the presentation.
No Charges Filed
The inspector general also found that offices for which the IT aides worked had seen numerous irregular purchases of mobile devices.
All purchases of $500 by representatives’ offices are required to be listed as House inventory with the chief administrative officer of the House of Representatives.
However, purchases of items such as iPads, iPhones, and TVs were made artificially lower by spreading billing out over several invoices, avoiding the scrutiny given to $500 purchases.
For example, the inspector general found that iPads costing $799 were billed as $499 for the iPad and $350 for Apple Care, which only costs $88. In another case, a TV costing $640 was billed for $499, with a TV mount billed for $263 despite it costing only $36.
The IG report also found that 75 pieces of equipment with a total purchase price of $118,416 went missing from one of the offices where Abid Awan worked. The office was later revealed to be that of Rep. Yvette Clarke (D-N.Y.).
Family members of the Awans told DCNF that they shipped a significant number of devices, such as iPads and iPhones, to Pakistan.
Despite the discoveries of the unauthorized access to the representatives’ systems, the suspicious transfers of data, and the irregular purchases of equipment, no charges have been filed by members of Congress.
Most of the 44 House Democrats the Awans worked for fired them in February 2017 after the House sergeant at arms officially banned them from the House network. However, during the over five-month delay since the initial findings of the House inspector general, the IT workers had maintained access to the sensitive systems.
Imran Awan and Hina Alvi Awan have been charged with unrelated bank fraud charges. A hearing on their case has been postponed seven times since last November and is now scheduled for July 6.