Monday, February 06, 2017

The Week's Most Under-Reported Story

Amid the hoopla over the Patriots' epic Super Bowl comeback and the ongoing legal battle over President Trump's executive order on immigration, there was a third story over the weekend, one that deserves much more attention than it's getting.

So far, coverage of this developing scandal has belonged largely to the Daily Caller, where investigative reporter Luke Rosiak provided a major update on Saturday.  He learned that three Capitol Hill IT staffers--all brothers--have been "relieved from their duties" for allegedly accessing Congressional computer networks without authorization.  Previous accounts suggested the three were under investigation only for stealing computer equipment from the various Congressmen who employed them.

Three brothers who managed office information technology for members of the House Permanent Select Committee on Intelligence and other lawmakers were abruptly relieved of their duties on suspicion that they accessed congressional computers without permission.

Brothers Abid, Imran, and Jamal Awan were barred from computer networks at the House of Representatives Thursday, The Daily Caller News Foundation Investigative Group has learned.

Three members of the intelligence panel and five members of the House Committee on Foreign Affairs were among the dozens of members who employed the suspects on a shared basis. The two committees deal with many of the nation’s most sensitive issues and documents, including those related to the war on terrorism.

Also among those whose computer systems may have been compromised is Rep. Debbie Wasserman Schultz, the Florida Democrat who was previously the target of a disastrous email hack when she served as chairman of the Democratic National Committee during the 2016 campaign.


The brothers are suspected of serious violations, including accessing members’ computer networks without their knowledge and stealing equipment from Congress.

All three were "shared staffers," working for multiple Congressional offices which contributed towards their salary and benefits packages.  Along with Wasserman Schultz, Imran Awan also worked for two members of the House Permanent Select Committee on Intelligence (HPSCI), Democratic Representatives Andre Carson of Indiana and Jackie Speier of California.

Jamal Awan handled IT functions for Texas Democrat Joaquin Castro, who serves on both the intelligence and the House Foreign Affairs committees.  He also worked for Louisiana Democrat Cedric Richmond, a member of the Homeland Security Committee.  Abid Awan was an IT specialist for Tammy Duckworth of Illinois, who was elected to the Senate in November.  He performed similar duties for Florida Congresswoman Lois Frankel, who sits on the Foreign Affairs Committee.

The Daily Caller account differs significantly from a brief item in Politico, which appeared on Thursday.  That initial report emphasized the theft element of the allegations, mentioning the illegal access of Congressional systems only in passing.  As Mr. Rosiak's report indicates, that latter charge could be far more serious, given the classified material that some of the representatives have access to.  

And for that matter, federal officials still haven't revealed which systems were breached.  Members of the intelligence committee, for example, are cleared for information to the Top Secret/Sensitive Compartmented Information (TS/SCI) level and various special access programs (SAP), which include the crown jewels of American intelligence.  Members of the foreign affairs panel are also typically cleared to the TS/SCI level.

That means the Congressmen (and women) who employed the Awan brothers had access to at least three computer networks: the Congressional version of NIPRNET, used for routine, unclassified information; SIPRNET, which handles information up to the Secret level; and JWICS, which is cleared for material at the TS/SCI level.

At this point, we don't know if the three men held security clearances, or the current status of their access to classified information.  Media coverage suggests the brothers were among five Hill staffers under investigation since last year; in many cases, the opening of a criminal inquiry is sufficient grounds to suspend a clearance, and with it, access to information stored and transmitted on SIPRNET and JWICS.  

As with any other governmental organization, classified material may be accessed or reviewed only at designated places on Capitol Hill.  But if the Awan brothers had security clearances--and the ability to access SIPRNET or JWICS accounts assigned to members of Congress--they could review or even copy extraordinarily sensitive information, material that (if revealed or passed to a hostile power) could cause extremely grave damage to national security.

At this point, it must be cautioned that the clearance status of the three men has not been revealed.  But, given the committee assignments of the Congressmen they worked for, it would be unusual for the brothers not to have a security clearance (emphasis ours).  And, if the brothers had active clearances, they would have access to areas where Congressmen and their staffers review classified material, including Sensitive Compartmented Information Facilities (SCIFs) where TS/SCI information is retained.  With the user IDs and passwords of Congressional representatives and/or staff members, they could access and even download reams of classified material.

Again, no federal official has stated publicly that the Awan brothers used this technique.  But it's a convenient and effective means of gaining access to the nation's secrets.  According to The New York Times, investigators looking into the activities of NSA traitor Edward Snowden determined that the system administrator likely used the passwords of colleagues or supervisors to access classified information, and to partly cover his tracks.  Snowden also used "web crawler" software to "scrape" information out of NSA archives, following links in classified documents, and copying everything in its path.  The insider attack was relatively simple, but devastatingly effective, allowing Snowden to gather vast amounts of intel secrets, which he later shared with Wikileaks and Russian intelligence services.

So far, there is no confirmation that the Capitol Hill IT staffers engaged in similar activities.  But with the right clearance, need-to-know and access to the login info for superiors and colleagues, they were in a position to access highly classified information.

Unfortunately, there are a number of unanswered questions about this incident, and it's unclear if more information will be forthcoming.  A number of issues related to this investigation strike us as curious, to say the least.  Among them:

1)  Where is the FBI?  Obviously, Congress operates by its own rules, but the unauthorized access of government computer systems is a federal crime, and falls under the bureau's purview.  But limited press coverage suggests the investigation is being run by the Capitol Hill police.  Perhaps Mr. Rosiak can do a little additional digging and determine what role--if any--is being performed by the bureau.

2)  Exactly what systems were accessed?  The Daily Caller specifically refers to IT systems, in the plural, based on information provided by the Capitol police and the House Sergeant-at-Arms.  In this case, does "systems" refer to computers in each member's office (which are linked to the wider, unclassified network), or unclassified and classified systems?

3)  How did the Awan brothers gain employment on Capitol Hill?  The youngest, Jamal, is only 22 years old and began working in the House when he was only 20.  What particular IT skills did the men offer that landed them high-paying jobs working for members of Congress?  Records show each of the men had an annual salary of $160,000, roughly three times the average IT salary on the Hill.

4)  Why did House security managers ignore warning signs about Abid Awan?  His car was repossessed in 2009 and he declared bankruptcy in 2012, facing multiple lawsuits.  Recurring financial problems are among the most common reasons for suspending (or terminating) a security clearance, but there are no indications that Mr. Awan lost his clearance--assuming he had one--or access to Congressional IT systems until the investigation began last year.

5)  Finally, what is the role of Hina Alvi in all of this?  Ms. Alvi is a female House IT staffer who works for many of the representatives that employed the Awan brothers, along with the House Democratic Caucus.  She is also their landlord, listed as owner of the Lorton, Virginia home where the men have lived in recent years.  Public records indicate there are multiple mortgages on the property.  She is also the wife of Imran Awan.

Currently, the Capitol Hill IT scandal is barely a blip on the D.C. radar scope.  But don't be surprised if it metastasizes into something far beyond a "procurement" matter.

***ADDENDUM***

PJ Media reports that some of the IT staffers under investigation are still working.  The reason?  As "shared employees," they must be terminated by all members of the House who employ them.  Imran Awan and Alvi remained employed by at least one Congressman as of Monday evening, though their access to House IT systems has been blocked.   
