Democratic IT Staffers Made Thousands of Unauthorized Logons to Congressional Systems

The OIG reports from Sept. 20 and Sept. 30, 2016, were included in two PowerPoint briefings allegedly given to Speaker of the House Paul Ryan (R-Wis.), Minority Leader Nancy Pelosi (D-Calif.), and the Committee on House Administration. A transcript of the presentations was obtained by The Epoch Times.

According to the presentation, the aides may have also been storing “sensitive House information outside the House.” It notes that Dropbox, a cloud storage system, was installed on two Caucus computers used by the workers, and that two of the user accounts “had thousands of files in their Dropbox folder on each computer.”

According to The Daily Caller, statements from several Democrats also indicate that Democratic staff of the House Administration Committee and others “may have withheld information about cybersecurity breaches from members who employed the suspects, and appear to have misled them about the basic nature of the investigation.”

The presentation names the IT workers as Imran Awan, Abid “Omar” Awan, Hina Alvi, Jamal Awan, and Rao Abbas. The presentation states they “collectively logged in to 15 member offices and the Democratic Caucus, although they were not employed by the offices they accessed.”

All five of them, it states, “collectively logged on to the Caucus system 5,735 times, an average of 27 times per day.” In addition, it notes that Alvi “logged in to the Caucus computers 291 times over the 7-month period.” Another server, it notes, was logged in to 5.4 times a day, with 1,154 logins.

This behavior, it states, “is considered unusual since computers in other offices managed by these shared employees were accessed in total less than 60 times.”

At the same time, it notes, there are signs the individuals were trying to cover their tracks.

“This pattern of login activity suggests steps are being taken to conceal their activity,” the report states, noting the individuals showed behavior used to avoid network monitoring, and used login techniques that gave temporary access, “which could be done to evade network monitoring.”

The Caucus Chief of Staff, it states, even asked one of the IT workers to not provide IT services on their computers, but the individual continued to access the computer regardless.

While the report doesn’t draw conclusions, it does say the actions raise concerns.

“Excessive logons are an indication that the server is being used for nefarious purposes and elevated the risk that individuals could be reading and/or removing information,” it states.

It adds that the computers “could be used to store documents taken from other offices or evidence of other illicit activity,” and that the individuals could have used the computers to gain access to other systems they weren’t authorized to access.

To top it off, the report notes the IT workers had not been vetted, and had not had background checks.

As The Daily Caller noted, “There is no scenario where the access was appropriate because House members are not allowed to accept services from people not on their payroll and employees are not permitted to log in to servers of members for whom they do not work. The presentation notes that such House polices are codified in law.”

The report adds to the growing scandal around Schultz, the Awan brothers, and a handful of Democrats.

Rep. Scott Perry (R-Pa.) outlined the seriousness of the growing scandal during an Oct. 10 hearing in Washington and noted there still doesn’t appear to be a proper investigation into the case.

https://www.youtube.com/watch?v=FPGfVZLzqXM

Perry noted “Over 5,700 logins by the five Awan associates were discovered on a single server within the House,” and that of those logins, “5,400 appear unauthorized.”

In addition, Perry noted that the 5,700 logins by the five Awan associates were found on a House server belonging to former Democratic Rep. Xavier Becerra, who is now attorney general in California.

Becerra’s server, he said, “was actually housing the entirety of the servers of all the member offices that employed Amran or his associates. All of it. The entirety,” which violates House policy.

This also means, he said, that “up to 40 or more members of Congress had all of their data moved out of their office server or out of their cloud storage system and onto the Becerra server without their knowledge or consent.”