Contact Us

Cyber Security Expert and Representative Matt Boehnke Calls for Immediate ESD Scam Hearings – One of the Largest Thefts of All Time | Shift Washington

Cyber Security | June 21, 2020

With details of the historic scam on Washington State Employment Security Department still being revealed, we thought Representative Matt Boehnke (R-Kennewick) would be the perfect Newsmaker Interview to provide Shift readers with insight on what the Inslee Administration failed to do to prevent “hundreds of millions of dollars” to be stolen from our state’s treasury.  Boehnke is a first term legislator with 30 years of military and commercial experience in cyber security.  While Democrat legislators say they might hold a hearing on this scam next year, Representative Boehnke is calling for a legislative investigation now.

From what you have learned, what took place at the Employment Security Department that allowed such a large-scale scam to take place?

I believe the Washington State Employment Department (ESD) was involved in a series of highly orchestrated cyber-attacks by an intelligent, well-organized criminal organization.  This organization has a history of conducting reconnaissance, scanning, gaining access, maintaining access, and covering their tracks.  During the reconnaissance phase, which I believe began earlier than Governor Inslee’s “stay home, stay safe” order, this organization conducted surveillance operations to understand and learn as much as possible about the standard operating procedures within the ESD. Then when the order was given, they slowly began this fraud operation on the citizens of Washington.  Remember, these are citizens who were just told they were unemployed, most live paycheck-to-paycheck, and are just trying to put food on their tables.

What could have been done to protect Washington taxpayers from this criminal activity?

There are many steps that organizations implement in an attempt to prevent such an attack.  As a cybersecurity professional for over 30 years and with 22 years active duty military service, working with large organizations in various countries, I have learned and continue to teach a defense-in-depth strategy.  This strategy is a layered approach that, like a castle back in the days of King Arthur, an organization has a series of defensive mechanisms to mitigate and prevent such an attack.  This defense-in-depth strategy is a system of a systems approach with a mix of integrated hardware and software including but not limited to the capabilities of firewalls, access controls, filtering, anti-virus, anti-malware, monitoring data analysis, and authentication.

The goal of this strategy aligns with the National Security Agency (NSA)’s, Cybersecurity & Infrastructure Security Agency (CISA) guidance for a phased approach incident management plan.  This plan follows a fluid, common-sense approach in planning, preparing, detecting, triage, and responding to an incident.  Throughout this process, individuals at all levels are making decisions and conducting analysis based upon the metrics developed in these systems of systems.  In a well-run organization, this symphony of operations working together towards a common goal, defending the network, securing the data, and in this case, monitoring operations to ensure individuals who are authenticated, are tracked throughout the process, get the appropriate amount of funds they deserve, with all steps along the way, documented.

What needs to be done to ensure this does not happen again?

First, I am calling for immediate public hearings to be held at the state to get to the bottom of this.  Second, from these hearings, we will have the information to focus efforts towards a bi-partisan solution.  Third, while the hearings are taking place, ramp up the agency’s resources to solve the problem now.  Fourth, work throughout this process to document lessons learned from this event to communicate to the citizens of Washington what is going on and what we are doing about it.  We need a strategy that is based on science, that instills leadership, accountability, and transparency.  We are building trust back into a government agency that the people deserve.

Who should be held accountable for allowing this scam to take place? Many Republican legislators have called on ESD Commissioner Suzi LeVine to resign.  Do you support this sentiment?

As in the military and any other career, it all starts at the top.  All leaders, supervisors, and managers are held accountable for our actions.  As a military officer, while serving in Iraq and other locations around the world, no matter what happened in my unit, it was my responsibility for my unit’s (my organization’s) actions.  Whether good or bad.  As a State Representative, I’m held accountable to the people of Washington who I’m honored and humbled to serve.

I am not calling for her to resign, just yet. I always try to give every leader the benefit of the doubt.   However, as events continue to unfold, with the increasing lack of leadership, accountability and transparency of the ESD organization’s actions and responses during this crisis, the citizens of Washington want answers.  All state legislators, including myself, are getting hundreds of emails and phone calls about the lack of ESD support.  Citizens want to know the status of their case, where the money is, when they can find out, or who do they call.  Basic questions that ESD has failed to answer.

All Washington State Legislators had an effective process, where a citizen in my district could call and email for support.  ESD worked with us to develop a “hotline” to assist our staff in getting a status for our citizens.  This worked great in the past.  This week ESD has cut this off and is only taking a limited number of these “Hotline” requests from all the four corners staffs.  Sadly, this decision is only going to make matters worse.

What is your estimate on when the ESD will be able to catch up on the backlog of applications and deliver the promised benefits to Washington workers who have suddenly lost their wages?

From past experiences, my estimate would be a matter of weeks. If ESD supports our plan to hold hearings at the state so we can get a better understanding of what the issues are, we can address them, respond quicker, more transparent and solve this sooner.  This has happened in other states who were impacted by similar agency attacks.  For example, the State of Oregon has already held initial hearings on a similar subject. (

Also, I have met with several companies that are willing to step in, assist us with assessing the situation and providing support.  These companies are offering this support at no cost to the state.

Lastly, we want all Washingtonians to understand that this is a top priority in our state, and we are actively working to solve this issue.  We want to help.  We want answers.  We need more effective leadership in dealing with this issue, provide more transparency and accountability to the citizens of Washington.  If we all are in this together, then why are we not working together to solve this.

For more information on Representative Boehnke please visit his legislative webpage at

This content was originally published here.