Democratic IT Staffers Made Thousands of Unauthorized Logons to Congressional Systems

Inspector General report details unauthorized access to servers by Pakistani IT employees

Democratic IT Staffers Made Thousands of Unauthorized Logons to Congressional Systems
Rep. Debbie Wasserman Schultz (D-Fla.) speaks at an event on May 11 in Sunrise, Florida. (Joe Raedle/Getty Images)
Joshua Philipp
The Pakistani IT workers hired by 30 Democratic members of Congress, including Debbie Wasserman Schultz (D-Fla.) maintained "continued unauthorized access" to Democratic Caucus computers and frequently accessed computers in a government conference room, according to two reports from the Office of Inspector General (OIG).

The OIG reports from Sept. 20 and Sept. 30, 2016, were included in two PowerPoint briefings allegedly given to Speaker of the House Paul Ryan (R-Wis.), Minority Leader Nancy Pelosi (D-Calif.), and the Committee on House Administration. A transcript of the presentations was obtained by The Epoch Times.

The presentations back concerns that the Pakistani IT workers were involved in a case of corruption involving Democratic officials, fraud, blackmail, and other potential crimes.

According to the presentation, the aides may have also been storing "sensitive House information outside the House." It notes that Dropbox, a cloud storage system, was installed on two Caucus computers used by the workers, and that two of the user accounts "had thousands of files in their Dropbox folder on each computer."

The new claim that "sensitive House information" was being stored on the computers challenges the current narrative, pushed by the Washington Post, that the server contained "homework" and "family photos" from the IT workers' families.
The Daily Caller also reports that "Using Dropbox is against House rules because it uploads files offsite," and also cites the presentation, stating, "Based on the file names, some of the information is likely sensitive."

According to The Daily Caller, statements from several Democrats also indicate that Democratic staff of the House Administration Committee and others "may have withheld information about cybersecurity breaches from members who employed the suspects, and appear to have misled them about the basic nature of the investigation."

The presentation names the IT workers as Imran Awan, Abid "Omar" Awan, Hina Alvi, Jamal Awan, and Rao Abbas. The presentation states they "collectively logged in to 15 member offices and the Democratic Caucus, although they were not employed by the offices they accessed."

All five of them, it states, "collectively logged on to the Caucus system 5,735 times, an average of 27 times per day." In addition, it notes that Alvi "logged in to the Caucus computers 291 times over the 7-month period." Another server, it notes, was logged in to 5.4 times a day, with 1,154 logins.

This behavior, it states, "is considered unusual since computers in other offices managed by these shared employees were accessed in total less than 60 times."

At the same time, it notes, there are signs the individuals were trying to cover their tracks.

"This pattern of login activity suggests steps are being taken to conceal their activity," the report states, noting the individuals showed behavior used to avoid network monitoring, and used login techniques that gave temporary access, "which could be done to evade network monitoring."

The Caucus Chief of Staff, it states, even asked one of the IT workers to not provide IT services on their computers, but the individual continued to access the computer regardless.

While the report doesn't draw conclusions, it does say the actions raise concerns.

"Excessive logons are an indication that the server is being used for nefarious purposes and elevated the risk that individuals could be reading and/or removing information," it states.

It adds that the computers "could be used to store documents taken from other offices or evidence of other illicit activity," and that the individuals could have used the computers to gain access to other systems they weren't authorized to access.

To top it off, the report notes the IT workers had not been vetted, and had not had background checks.

As The Daily Caller noted, "There is no scenario where the access was appropriate because House members are not allowed to accept services from people not on their payroll and employees are not permitted to log in to servers of members for whom they do not work. The presentation notes that such House polices are codified in law."

The report adds to the growing scandal around Schultz, the Awan brothers, and a handful of Democrats.

Rep. Scott Perry (R-Pa.) outlined the seriousness of the growing scandal during an Oct. 10 hearing in Washington and noted there still doesn't appear to be a proper investigation into the case.

Perry noted "Over 5,700 logins by the five Awan associates were discovered on a single server within the House," and that of those logins, "5,400 appear unauthorized."

In addition, Perry noted that the 5,700 logins by the five Awan associates were found on a House server belonging to former Democratic Rep. Xavier Becerra, who is now attorney general in California.

Becerra's server, he said, "was actually housing the entirety of the servers of all the member offices that employed Amran or his associates. All of it. The entirety," which violates House policy.

This also means, he said, that "up to 40 or more members of Congress had all of their data moved out of their office server or out of their cloud storage system and onto the Becerra server without their knowledge or consent."

Joshua Philipp is an award-winning investigative reporter with The Epoch Times and host of EpochTV's "Crossroads" program. He is a recognized expert on unrestricted warfare, asymmetrical hybrid warfare, subversion, and historical perspectives on today’s issues. His 10-plus years of research and investigations on the Chinese Communist Party, subversion, and related topics give him unique insight into the global threat and political landscape.
Related Topics