Questions Linger in the House IT Scandal

There’s stench rising from the House side of the Capitol this week, and no, it’s not just the usual smell of D.C. in the oppressive summer heat.

A months-long probe into a growing House cybersecurity scandal has reached an ignominious end, leaving questions unanswered, substantiated allegations unresolved, and a growing unease with just how easily members of Congress can influence the direction of an investigation that involves themselves.

I wrote about the spy-novel details of the case in April, and those following the meticulous reporting of the Daily Caller’s Luke Rosiak are no doubt familiar with the details: Five House information technology aides employed by more than 40 congressional Democrats allegedly made over 5,000 unauthorized logins to House servers, logging in with members’ usernames and passwords, including those of members for whom they did not work.

Over the course of nearly a year, House investigators watched the five IT aides, who also happen to be immediate family members, make what they later termed “excessive logons” to one server in particular—the one belonging to the Democratic caucus.

The five aides, Imran Awan and his wife, Hina Alvvi, his brothers Abid and Jamal Awan, and Abid’s wife, Natalia Sova, exhibited a pattern of behavior that House investigators deemed an “indication that the server is being used for nefarious purposes,” noting further that the login activity reflected a pattern designed to conceal the identity of the user. In a presentation to House leadership in September 2016, investigators also pointed to the presence of Dropbox folders on caucus computers containing thousands of files that the investigators termed “likely sensitive.”

Despite mounting evidence that something was seriously amiss, none of the House IT aides were fired. In a stunning development, shortly after the Democratic caucus server became evidence in cybersecurity probe, Congress’s sergeant-at-arms and chief administrative officer alerted House members that the server in question had gone missing.  

In a memo marked “urgent,” House security officials warned offices that they may have been subject to IT security violations, calling the IT aides “an ongoing and serious risk to the House of Representatives,” and urged members of Congress to withdraw computer credentials and change the locks on their doors.

None of this explains why, on Tuesday, the Department of Justice agreed to a plea deal with one of the aides—Imran Awan—charging him, bizarrely, with one count of bank fraud.

The plea deal dismisses without explanation the charges of “unauthorized or illegal conduct involving House computer systems,” stating only that the government uncovered no evidence that federal law was violated. The findings of the House investigators were never mentioned.

Why Were Charges Dropped?
The Washington Post, the Daily Beast and others gleefully pounced on the Justice Department’s conclusions, saying that a “right-wing conspiracy” and been “debunked.”

Yet, the opaqueness of the plea deal, the alleged unwillingness of key Democrats to press charges, and the dismissal of documented claims of cybersecurity breaches raise a host of unanswered questions. The case itself may have reached a conclusion, but that conclusion obscures far more than it illuminates.

For one, House investigators also found that Awan’s wife, Hina Alvi, accessed the Democratic caucus server 291 times, and accessed servers belonging to offices which did not employ her. Why were charges against her dropped?

What of the threats made by Rep. Debbie Wasserman Schultz (D-Fla.) that U.S. Capitol police pursuing this case would face “consequences” if they did not turn over a computer belonging to her, despite their pleas that the computer was important to the ongoing investigation?

But most importantly, how did the Department of Justice come to such drastically different conclusions than House investigators, particularly given that the House sergeant-at-arms and the inspector general are nonpartisan actors far more familiar with the House IT systems, protocols, and policies?

Why is Awan’s attorney claiming that the server in question was never missing, yet the House investigation clearly showed a new server had replaced the old one with a different serial number?

Mistrust and Verify
As Mark Tapscott wrote recently, the Justice Department and the House investigators cannot both be right. An A cannot at the same time be a non-A. Opposite conclusions drawn from the same evidence should raise more than just an eyebrow. They should summon fundamental and legitimate questions about the nature of power and the integrity of our institutions.

This is particularly true when “trust us” is the constant refrain from those in power. We’ve been screamed at for months by the media to “trust them,” there’s evidence of Russian collusion. Over a year after a special prosecutor was appointed, we’re still waiting for evidence. We willingly trusted the FBI to uphold the standard of impartiality and fairness. Then we found out about Peter Strzok and Andrew McCabe. Hollywood lectured America about decency but then told us to trust them, they had no idea about Harvey Weinstein’s serial predation or the intimidation and coercion that fuels their business.

All of this is, of course, couched in a broader lack of trust in American institutions and political parties, as a whole.

But broad trends have small beginnings. The failure of anyone in House leadership or the Department of Justice to thoroughly probe this investigation, to be willing to hold those involved accountable, and to explain the large and blatant disparity in findings simply adds to the general feeling of unease that something is terribly wrong in the contract between the governed and the governing.

Though the mainstream press would rather you believe otherwise, the House IT scandal is far from being some tinfoil hat conspiracy theory to be relegated to a dusty sub-Reddit thread in the corner of the internet. That wrongdoing occurred is without question. The extent to which the Justice Department will confirm it, or that those in power will take steps to drag this into the daylight, remains yet another unresolved question.

Get the news corporate media won't tell you.

Get caught up on today's must read stores!

By submitting your information, you agree to receive exclusive AG+ content, including special promotions, and agree to our Privacy Policy and Terms. By providing your phone number and checking the box to opt in, you are consenting to receive recurring SMS/MMS messages, including automated texts, to that number from my short code. Msg & data rates may apply. Reply HELP for help, STOP to end. SMS opt-in will not be sold, rented, or shared.

About Rachel Bovard

Rachel Bovard is senior director of policy at the Conservative Partnership Institute and Senior Advisor to the Internet Accountability Project. Beginning in 2006, she served in both the House and Senate in various roles including as legislative director for Senator Rand Paul (R-Ky.) and policy director for the Senate Steering Committee under the successive chairmanships of Senator Pat Toomey (R-Penn.) and Senator Mike Lee (R-Utah), where she advised Committee members on strategy related to floor procedure and policy matters. In the House, she worked as senior legislative assistant to Congressman Donald Manzullo (R-Il.), and Congressman Ted Poe (R-Texas). She is the former director of policy services for the Heritage Foundation. Follow her on Twitter at @RachelBovard.