John Schindler, who spent time as the technical director of the NSA’s largest operational division, says that instead of focusing on hacking, foreign governments more often collect signals intelligence, or SIGINT remotely through high-tech means such as spy satellites.
He asserts that “unencrypted IT systems don’t need ‘hacking’—normal SIGINT interception will suffice. Ms. Clinton’s ‘private’ email, which was wholly unencrypted for a time, was incredibly vulnerable to interception, since it was traveling unprotected on normal commercial networks, which is where SIGINT operators lurk, searching for nuggets of gold. They hunt for data with search terms called ‘selectors’—a specific phone number, a chatroom handle, an email address: here Ms. Clinton’s use of the ‘clintonmail.com’ server was the SIGINT equivalent of waving a huge ‘I’m right here’ flag at hostile intelligence services. Since the number of spy agencies worldwide capable of advanced SIGINT operations numbers in the many dozens, with Russia and China in the top five, that Ms. Clinton’s emails wound up in the wrong hands is a very safe bet, as any experienced spy will attest.” (The New York Observer, 3/4/2016)