Becerra Tried To Block Server Admin Over Red Flags, But Logins Continued, With Muted Reaction
Luke Rosiak
Investigative Reporter
Xavier Becerra, the chairman of the House Democratic Caucus, barely
reacted when he learned the caucus server had been infiltrated in 2016,
although he loudly decried the hack of the Democratic National Committee
that happened around that same time. No one has faced punishment for
the caucus server infiltration.
The then-congressman, who is now California’s attorney general, refused to articulate even the barest details of the cyber breach at a press conference Wednesday, and would not say whether he’s seeking criminal charges against longtime IT aide Imran Awan and his family.
Members of the Awan family logged on to the Caucus server 7,000 times without authorization between October 2015 and August 2016, according to a House investigation. The logins suggested “the server is being used for nefarious purposes and elevated the risk that individuals could be reading and/or removed information,” it said.
Multiple sources said Sean McCluskie, who was Becerra’s chief of staff and is now chief deputy attorney general of California, knew of problems well before law enforcement was brought on board in October 2016.
Imran’s brother Abid Awan had no connection to either the caucus or Becerra’s congressional office and had no authorization or reason to log in, but he was doing so anyway, according to investigators. Becerra had paid Imran to manage his personal office server since 2004, adding in his wife Hina Alvi as a second IT aide in 2013. Hina Alvi was also the sole IT aide on the payroll of the caucus, which has its own staff and equipment. Other aides had no connection or authorization to access it.
McCluskie suspected Abid and quietly tried to address the issue by quietly blocking him. Abid defied him and continued to access the server, which should have raised urgent red flags, the sources said.
“The Caucus Chief of Staff requested one of the shared employees to not provide IT services or access their computers,” but “this shared employee continued,” the House report found. The logins continued for months, and eventually, police said the entire server with evidence on it disappeared and was replaced with a different one.
The Daily Caller News Foundation asked Becerra about the incident and his response to it on Wednesday.
“Go back and research your facts, you’ve got them wrong. I understand that this matter is still under investigation, and we have cooperated with the authorities both within Congress and with the federal government on this,” Becerra said. He refused four times to say what facts he was contesting or to elaborate on the incident in any way.
His reaction is odd given Democrats’ vocal abhorrence of the breach of the DNC resulting in the publication of its emails by Wikileaks, which Democrats have called an “assault on our democracy.” Early signs of that breach were treated casually by the DNC when first detected: A tech manager said he was too busy with other matters to chase down leads, the FBI’s calls weren’t returned, the DNC delayed a response to focus on the primaries, and Donna Brazile said when DNC Chairwoman Debbie Wasserman Schultz finally relayed the news of the breach to officers weeks later, her tone was “casual.”
But even after the Wikileaks publication of DNC emails, Becerra never publicly acknowledged nor demanded consequences for the cyber breach on the server of a group similar in nature to the DNC.
Eighteen months later, no one has been charged or disciplined for the breach, which is perhaps not surprising since the victims don’t appear to be asking for it.
The Awan family was logging in to Becerra’s Caucus server with 17 different accounts belonging to offices whose data should have had no connection to the caucus, according to the House investigative report. The patterns were consistent with data being funneled onto Becerra’s server from other members of Congress, but members said Becerra never alerted them of any aberrations.
When TheDCNF broke the story about the caucus server in September, neither a Becerra representative nor McCluskie acknowledged the breach occurred. A spokesman finally told Fox News a month later that “since he was first approached by the authorities, AG Becerra has worked with them to provide them the information requested.”
Along with Rep. Debbie Wasserman Schultz and Rep. Gregory Meeks of New York, Becerra was Awan’s most consistent and earliest backer. He hired him in 2004, and between his personal office and the caucus that he controlled, paid the Awan family more money than any other member, payroll data shows.
This means examining Awan’s activities in 2016 could have created problems for Becerra and raised questions about more than a decade of potentially-compromised data as well as his judgment for not acting on warning signs. After 2004, Imran’s entire family — and a friend whose most recent job experience was at McDonald’s –eventually joined the House payroll. The staffers were mostly paid chief-of-staff level salaries, and newly-elected members said other lawmakers encouraged them to put the on their payroll by other lawmakers.
A senior Republican official with direct knowledge of the probe told TheDCNF “they [the Awans] had access to all the data including all emails. Imran Awan is the walking example of an insider threat, a criminal actor who had access to everything.”
“They were using the House Democratic Caucus as their central service warehouse … It was a breach. The data was completely out of [the members’] possession. Does it mean it was sold to the Russians? I don’t know,” the official said.
On Jan. 24, 2017, Becerra vacated his congressional seat to become California’s attorney general and hoped to clear his data. “We asked for an image of the server, and [the Awans] deliberately turned over a fake server,” the senior official said.
It was only then that the Awans were banned from the network. Since that time, Democrats have claimed they have never been informed of any breach, and those who did know — including Becerra — have gone to lengths to avoid discussing it or even defended the Awans. Wasserman Schultz suggested Islamophobia fueled criticism of the Awans’ alleged behavior. IT colleagues said they have long sensed something untoward in members’ relationship with the Awans, and even suspected that the Awans might be blackmailing members with their own emails.
Investigators also suspected the Awans of falsifying invoices for computer equipment in the House, and their attorneys said members of Congress or their staffs told them to fudge the records.
After the Awans were banned, the reasons for concern only worsened:
The then-congressman, who is now California’s attorney general, refused to articulate even the barest details of the cyber breach at a press conference Wednesday, and would not say whether he’s seeking criminal charges against longtime IT aide Imran Awan and his family.
Members of the Awan family logged on to the Caucus server 7,000 times without authorization between October 2015 and August 2016, according to a House investigation. The logins suggested “the server is being used for nefarious purposes and elevated the risk that individuals could be reading and/or removed information,” it said.
Multiple sources said Sean McCluskie, who was Becerra’s chief of staff and is now chief deputy attorney general of California, knew of problems well before law enforcement was brought on board in October 2016.
Imran’s brother Abid Awan had no connection to either the caucus or Becerra’s congressional office and had no authorization or reason to log in, but he was doing so anyway, according to investigators. Becerra had paid Imran to manage his personal office server since 2004, adding in his wife Hina Alvi as a second IT aide in 2013. Hina Alvi was also the sole IT aide on the payroll of the caucus, which has its own staff and equipment. Other aides had no connection or authorization to access it.
McCluskie suspected Abid and quietly tried to address the issue by quietly blocking him. Abid defied him and continued to access the server, which should have raised urgent red flags, the sources said.
“The Caucus Chief of Staff requested one of the shared employees to not provide IT services or access their computers,” but “this shared employee continued,” the House report found. The logins continued for months, and eventually, police said the entire server with evidence on it disappeared and was replaced with a different one.
The Daily Caller News Foundation asked Becerra about the incident and his response to it on Wednesday.
“Go back and research your facts, you’ve got them wrong. I understand that this matter is still under investigation, and we have cooperated with the authorities both within Congress and with the federal government on this,” Becerra said. He refused four times to say what facts he was contesting or to elaborate on the incident in any way.
His reaction is odd given Democrats’ vocal abhorrence of the breach of the DNC resulting in the publication of its emails by Wikileaks, which Democrats have called an “assault on our democracy.” Early signs of that breach were treated casually by the DNC when first detected: A tech manager said he was too busy with other matters to chase down leads, the FBI’s calls weren’t returned, the DNC delayed a response to focus on the primaries, and Donna Brazile said when DNC Chairwoman Debbie Wasserman Schultz finally relayed the news of the breach to officers weeks later, her tone was “casual.”
But even after the Wikileaks publication of DNC emails, Becerra never publicly acknowledged nor demanded consequences for the cyber breach on the server of a group similar in nature to the DNC.
Eighteen months later, no one has been charged or disciplined for the breach, which is perhaps not surprising since the victims don’t appear to be asking for it.
The Awan family was logging in to Becerra’s Caucus server with 17 different accounts belonging to offices whose data should have had no connection to the caucus, according to the House investigative report. The patterns were consistent with data being funneled onto Becerra’s server from other members of Congress, but members said Becerra never alerted them of any aberrations.
When TheDCNF broke the story about the caucus server in September, neither a Becerra representative nor McCluskie acknowledged the breach occurred. A spokesman finally told Fox News a month later that “since he was first approached by the authorities, AG Becerra has worked with them to provide them the information requested.”
Along with Rep. Debbie Wasserman Schultz and Rep. Gregory Meeks of New York, Becerra was Awan’s most consistent and earliest backer. He hired him in 2004, and between his personal office and the caucus that he controlled, paid the Awan family more money than any other member, payroll data shows.
This means examining Awan’s activities in 2016 could have created problems for Becerra and raised questions about more than a decade of potentially-compromised data as well as his judgment for not acting on warning signs. After 2004, Imran’s entire family — and a friend whose most recent job experience was at McDonald’s –eventually joined the House payroll. The staffers were mostly paid chief-of-staff level salaries, and newly-elected members said other lawmakers encouraged them to put the on their payroll by other lawmakers.
A senior Republican official with direct knowledge of the probe told TheDCNF “they [the Awans] had access to all the data including all emails. Imran Awan is the walking example of an insider threat, a criminal actor who had access to everything.”
“They were using the House Democratic Caucus as their central service warehouse … It was a breach. The data was completely out of [the members’] possession. Does it mean it was sold to the Russians? I don’t know,” the official said.
On Jan. 24, 2017, Becerra vacated his congressional seat to become California’s attorney general and hoped to clear his data. “We asked for an image of the server, and [the Awans] deliberately turned over a fake server,” the senior official said.
It was only then that the Awans were banned from the network. Since that time, Democrats have claimed they have never been informed of any breach, and those who did know — including Becerra — have gone to lengths to avoid discussing it or even defended the Awans. Wasserman Schultz suggested Islamophobia fueled criticism of the Awans’ alleged behavior. IT colleagues said they have long sensed something untoward in members’ relationship with the Awans, and even suspected that the Awans might be blackmailing members with their own emails.
Investigators also suspected the Awans of falsifying invoices for computer equipment in the House, and their attorneys said members of Congress or their staffs told them to fudge the records.
After the Awans were banned, the reasons for concern only worsened:
- Prosecutors have said both Imran Awan and his wife Hina Alvi tried to flee the country, with Awan using an alias.
- Imran left a laptop with the username RepDWS in a phone booth with a letter to prosecutors in March 2017 after being banned from the House network, according to a Capitol Police report.
- Imran’s stepmom said in a civil suit that “Imran Awan threatened that he is very powerful and if I ever call the police again, [he] will … kidnap my family members.” His wife Hina said in a Pakistani suit that he “threatened the complainant of dire consequences, he also threatened to harm the lives of family of [Hina] if she intervenes.” Another woman filed a police report in Virginia saying Imran was keeping her “like a slave.”
- It emerged that Imran had a secret email address, 123@mail.house.gov, that was not turned off when he was banned, and it used name of an employee for Rep. Andre Carson who specialized in intelligence matters, according to court documents.
- It emerged that the Awans own significant real estate holdings in Pakistan that locals say were the fruits of fraud, that charges there were dropped under political pressure, and that they sent money to a Pakistani police officer.
Imran Awan: A Continuing DCNF Investigative Group Series
- Court docs
- Hard Drive Tied to Wasserman Schultz Is Central To Imran Awan Case
- 18 Months In, Dem IT Aides Not Charged With Hill Crimes Despite Evidence
- Used Political Influence To Have Fraud Charges Dropped In Pakistan
- Own Wife Turns, Accuses Him Of Fraud, Violent Threats
- Imran Awan 'Very Strongly' Wants To Block Review Of Hard Drive, Was Using Alias
- Lawyer Says Congressmen Wanted Invoices Falsified
- Sending Money To Police Officer In Pakistan
- Funneling 'Massive' Data Off Congressional Server, Dems Claim It's Child's Homework
- 'Like a Slave': Three Muslim Women, At Least One Of Them Bloodied, Called Police on Imran
- Had Secret Server, Caught Falsifying Evidence To Cover It Up
- Imran Still Has Copy Of House Laptop DWS Said Has Sensitive
- Leg-Branch Info
- DWS Laptop Found at 3AM In Phone Booth With Letter To Prosecutors
- Awan Asks Judge To Remove GPS, Citing Possible Emergency With Kids--Who Are In Pakistan
- Has Secret, Still-Active House Account--123@mail.house.gov--Linked To Intelligence Specialist
- DWS 'Islamophobia' Claim Prompts Angered Witnesses To Go Public
- Rep. Yvette Clarke Quietly Signed Away $120,000 In Missing Equipment
- Imran, Hina Indicted For Conspiracy Against U.S.
- DWS Now Says Laptop She Sought To Keep From Police Was Awan's, Not Hers
- Liquidating $1.8M In Real Estate When Arrested, Some Still Pending
- DWS Seemingly Planned To Pay Suspect Even While He Lived In Pakistan
- Lawyer Is Longtime Clinton Associate
- Arrested At Airport After Wiring $300k To Pakistan
- FBI Seized Smashed Hard Drives From Home
- Ex-DNC Head 'Negotiating' With Police Over Letting Them See Evidence
- Dems Tying Themselves Into Knots To Ignore Criminal Probe
- 'You'd Like Him:' Associates Describe 'Cunning,' Charismatic Con Artist
- In Personal Lives, Evidence Of Massive Cons
- House Dems Hired A Fired McDonald's Worker As Email Administrator
- DWS Admits To Violating Network Security, Blames House
- Wasserman Schultz Threatened Police Chief For Gathering Evidence
- Suspect Has Fled To Pakistan, Relative Says
- House IT Aides Fear Suspects In Hill Breach Are Blackmailing Members
- Read the Court Docs Detailing Their Greed, Ruthlessness
- Paul Ryan: Capitol Police Getting 'Assistance' On Criminal Investigation
- Brothers Could Read Every Email Of Dozens Of Congressmen
- ...Also Had Access To DNC Emails
- ...Allegedly Kept Stepmom In 'Captivity' To Access Offshore Cash
- ...Received $4 Million From Dem Reps
- ...Owed Money To Hezbollah-Connected Fugitive
- ...Secretly Took $100K In Iraqi Money
- Brothers Had Massive Debts, Years Of Suspicious Activity
- House Intelligence, Foreign Affairs Committee Members IT Compromised
No comments:
Post a Comment