Senior Official Confirms Senate Sergeant-at-Arms’ Cybersecurity ‘Hiring Initiative’

April 22, 2019 Updated: April 22, 2019

WASHINGTON—A top aide to the Senate sergeant-at-arms (SAA) confirmed to The Epoch Times that multiple new hires have been made in that office’s cybersecurity department.

“There has been a hiring initiative with our cybersecurity department where we’ve been increasing the staff and converting contractors over to staff positions, so you may have seen that but it’s not a ‘housecleaning,’ it’s just a hiring initiative,” said the aide, who requested not to be identified.

Asked when the initiative began and how many individuals were involved, the SAA official said: “I’m not sure. We generally don’t get into any particulars on personnel matters.

“I just wanted to let you know for the tone of the article that that’s what’s been occurring if you’ve been tracking vacancy notices or something. It’s not a housecleaning.”

In a subsequent email to The Epoch Times, the SAA official said the hiring initiative began in August 2018 and that increased hiring was authorized in December 2017.

The SAA manages the day-to-day operations of the Senate, including its computer networks, and is accountable to Senate Majority Leader Mitch McConnell (R-Ky.).

The official, who declined to say what prompted the hiring initiative, was responding to an April 13 exclusive story by The Epoch Times reporting that SAA managers had conducted a “general housecleaning” that resulted in “massive personnel changes” in the upper chamber’s information technology and cybersecurity systems staff.

The official also noted that the April 13 story incorrectly said former cybersecurity branch manager John Clayton Porter left SAA this month when, in fact, he did so in April 2018. The official declined to say why Porter left.

The April 13 Epoch Times story was based on a Senate source with direct knowledge of the situation, who said: “There’s been massive personnel changes over there. The new people are a lot more strict and putting on a lot more rules and restrictions. They have just been tightening down a lot since then.”

The changes followed a guilty plea entered in federal court April 5 by Jackson Cosko, a former information technology aide to Sen. Maggie Hassan (D-N.H.) and Rep. Sheila Jackson-Lee (D-Texas).

Cosko pleaded guilty to two counts of making public restricted private information about McConnell, and other senators, including Lindsay Graham (R-S.C.), Mike Lee (R-Utah), Rand Paul (R-Ky.), and Orrin Hatch (R-Utah).

Cosko also pleaded guilty to one count each of computer fraud, witness tampering, and obstruction of justice. Prior to agreeing to the plea, Cosko faced as many as 11 separate felony counts.

Cosko’s offenses commenced after he was terminated from Hassan’s staff in May 2018 for reasons the New Hampshire senator has refused to make public.

“The defendant engaged in an extraordinarily extensive data-theft scheme, copying entire network drives, sorting and organizing sensitive data, and exploring ways to use that data to his benefit,” federal prosecutors said in Cosko’s guilty plea.

An analysis of SAA staffing, as reported by the LegiStorm congressional personnel database, found the office hired at least 26 new employees in 2018. It could not be determined how many of the 26 were converted from being contractors.

Thirteen of the 26 were hired with titles that include “cybersecurity,” with most coming on board in April, May, and June 2018. None were listed with hiring months of October, November, or December 2018.

Six others were hired in positions like “senior software engineer” that could involve cybersecurity work, meaning 19 of the 26 (or 73 percent) were hired either the month before or in the months immediately after Cosko’s official dismissal from the Hassan staff, but before the August 2018 start of the hiring initiative described by the SAA official.

Only two new employees were hired in August 2018 and one in September 2018. The starting month of two “equipment service specialists” hired in 2018 was not available from LegiStorm.

LegiStorm records show Cosko began working for Hassan as a “legislative correspondent/systems administrator” in January 2017.

In his guilty plea, the government said Cosko “had intimate knowledge of, and broad access to, the computer systems, administrative accounts, and related security measures (including passwords and user names) in Senator Hassan’s office.”

Previously, Cosko was a “press assistant” to Sen. Barbara Boxer (D-Calif.) from October 2016 until joining Hassan’s staff, according to LegiStorm’s records database.

Before becoming a press assistant to Boxer, Cosko worked as “systems administrator/legislative research assistant” for the California Democrat from April 2016. He was a Boxer “press intern” from January 2016 until April 2016.

Before joining the Boxer congressional staff, Cosko was “lead field organizer” for the Generation Forward PAC, which was organized in 2015 to support former Maryland Gov. Martin O’Malley, who ran unsuccessfully in the 2016 Democratic presidential primary.

Contact Mark Tapscott at