A group of Congressional IT staff members are being accused of misusing their official positions, and are now under investigation. Authorities say they had full access to emails, correspondence and confidential files. And, according to a former House technician, no one ever tracked anything they did.
There are reports that Imran Awan made requests for higher permissions than he should have had access to within central IT. He “bullied” the group into helping him hide his paper trail by bending the rules. And, what’s worse is that there are no logs of their actions. That means no one has any idea what information may have been stolen.
At first, Awan was responsible for running technology for multiple House Democrats. In time, his brothers Jamal and Abid, as well as two other relatives of his, were on the payroll as well. They were employed by dozens of House members. It’s estimated that since 2010, Awan’s family collected taxpayer dollars to the tune of $4 million.
The Daily Caller reports:
U.S. Capitol Police named him and his relatives as subjects of a criminal probe on Feb. 2, and banned them from the complex’s computer networks. But members of Congress for whom they worked have downplayed their access or publicly ignored the issue.
“They had access to EVERYTHING. Correspondence, emails, confidential files — if it was stored on the Member system, they had access to it,” the former House Information Resources (HIR) technology worker with first-hand knowledge of Imran’s privileges told The Daily Caller News Foundation.
Technology employees who work for members must initially get authority from HIR, a component of the House’s chief administrative officer, which maintains campus-wide technology systems.
“There were some things – like access to the House email system that were totally controlled by the technicians at HIR. In order for certain permissions to be granted, a form was required to ensure that there was a paper trail for the requested changes. Imran was constantly complaining that he had to go through this process and trying to get people to process his access requests without the proper forms. Some of the permissions he wanted would give him total access to the Members’ stuff.”
“IT staff at HIR can be tracked for every keystroke they make,” the worker said. But by comparison, “when these guys were granted access to the Member’s computer systems there is no oversight or tracking of what they may be doing on the Member’s system. For example they could make a copy of anything on the Member’s computer system to a thumb drive or have it sent to a private server they had set up and no one would know.”
“After being notified by the House Administration Committee, [Abid] was removed from our payroll. We are confident that everything in our office is secure,” Hilarie Chambers, chief of staff for Democratic Rep. Sander Levin of Michigan, told TheDCNF.
Multiple House IT workers said it is impossible for members’ offices to make that judgment, and that Capitol Police — who are running an investigation that involves cybercrimes and current and potential international fugitives, despite their primary duties being providing physical security — aren’t capable of determining what actually occurred either.
The Capitol Police web page listing their authority, scope of work and expertise does not mention the word “computers.”
A Fairfax County, Va., police report shows that the brothers’ stepmother called the police on them in January, and a relative said Imran has been out of the country attempting to access assets stored in Pakistan in his deceased father’s name. The relative said they forced her to sign power of attorney documents against her will.