Probe into House tech worker yields no evidence of espionage
In late September 2016, leaders in the House of Representatives met behind closed doors for briefings on a closely held investigation into a group of computer technicians working on Capitol Hill.
Investigators with the Inspector General’s Office had been quietly tracking the five IT workers’ digital footprints for months. They were alarmed by what they saw. The employees appeared to be accessing congressional servers without authorization, an indication that they “could be reading and/or removing information,” according to documents distributed at the previously unreported private briefings.
For some who listened to the findings, the fact that the employees were born in Pakistan set off alarms about national security, according to two participants who spoke on the condition of anonymity. Others thought it more likely that the IT workers, naturalized U.S. citizens, were bending rules on network access to share job duties — violations of House protocol, perhaps, but not espionage.
The matter was soon referred to the Capitol Police, who have been assisted in their investigation by the FBI’s Joint Terrorism Task Force. In February, the IT workers were barred from accessing the House network, a development that quickly made headlines.
Since then, the story of the House IT workers — brothers Imran Awan, Abid Awan and Jamal Awan, as well as Imran Awan’s wife, Hina Alvi, and friend Rao Abbas — has become a lightning rod charged by the convergence of politics, cybersecurity and fears of foreign intrusion.
It has attracted unfounded conspiracy theories and intrigue. Far-right news organizations seized on it as a potential coverup of an espionage ring that plundered national secrets and might have been responsible for the campaign hacking of the Democratic National Committee, a breach that intelligence agencies have linked to Russia. President Donald Trump has fanned its embers from his Twitter account, reposting a story that claimed the mainstream media was ignoring a scandal “engulfing” Rep. Debbie Wasserman Schultz, a Florida Democrat who was slow to fire Imran Awan after news of the investigation broke.
Yet, according to a senior congressional official familiar with the probe, criminal investigators have found no evidence that the IT workers had any connection to a foreign government. Investigators looking for clues about espionage instead found that the workers were using one congressional server as if it were their home computer, storing personal information such as children’s homework and family photos, the official said.
Even so, the story — reconstructed here after The Washington Post reviewed confidential documents and interviewed more than a dozen people, including House officials, witnesses and others, many of whom spoke on the condition of anonymity to discuss the sensitive investigation — highlights urgent and persistent questions about how well Congress safeguards computer equipment and data.
Lawyers for some of the IT workers told The Post that their clients had done nothing wrong.
Christopher Gowen, one of Imran Awan’s lawyers, called the espionage claims “ludicrous.”
“There’s nothing that Imran did that wasn’t requested by one of his clients on House staff,” he said.
Jim Bacon, a lawyer representing Abid Awan, said “a very lax environment” surrounds security protocols in the House. “I can tell you what they were doing was not unusual,” he said.
The nearly one-year-old investigation has thus far resulted in no charges related to the group’s House IT work. It has burrowed deeply into their personal finances and outside business ventures.
In July, prosecutors in the U.S. District Attorney’s Office for the District of Columbia charged Imran Awan and Alvi with bank fraud, alleging that the couple made misrepresentations on an application for a home-equity loan.
Imran Awan was arrested at the airport as he was preparing to board a flight to Pakistan, where his wife and three children — ages 4, 7, and 10 — have been since March. He has pleaded not guilty. Alvi is planning to return to the United States in the coming weeks to face bank-fraud charges, according to court records. None of the other IT workers has been accused of wrongdoing.
The investigation is ongoing. Both the FBI and the U.S. Attorney’s Office declined to comment.
Imran Awan, now 38, was a 14-year-old living in Pakistan when he filled out an application for a U.S. program that provides limited green cards through a lottery system, his lawyers said. He and his family were chosen. He arrived at 17, got a job working at a fast-food restaurant and went to community college in Northern Virginia. He transferred to Johns Hopkins University in Baltimore and earned a degree in information technology.
Awan became a U.S. citizen in 2004, his lawyers said, the same year he was hired for a part-time job as an IT specialist in the office of Rep. Robert Wexler, D-Fla. Awan had gotten to know some of Wexler’s staffers as an intern for a company that provided services to the office.
As an IT specialist, Awan set up printers and work email accounts for new employees, and did technical troubleshooting. Charismatic and accommodating, he became a popular choice among House Democrats and soon cobbled together more than a dozen part-time jobs as what is known as a “shared employee” on the Hill, floating between offices on an as-needed basis.
Such arrangements came under scrutiny in 2008 when House Inspector General James Cornell testified that there was “inadequate oversight” over shared employees.
“In most instances, they have all the freedom of a vendor and all the benefits of an employee without the accountability one would expect with an employee,” Cornell told lawmakers. IT specialists, he noted, “present an additional risk in that they often have access to multiple office’s data outside of both the oversight of congressional office staff and the visibility of House security personnel.”