2012: Clinton’s private server is vulnerable to a hacker attack described in a government warning.

Marc Maiffret (Credit: Fox News Business)

Marc Maiffret (Credit: Fox News Business)

The Homeland Security Department’s Computer Emergency Readiness Team issues a warning about remote access attacks, that would allow hackers to take control of computers. The warning notes that “An attacker with a low skill-level would be able to exploit this vulnerability.”

In 2015, the Associated Press will report that Clinton’s private email server could have been vulnerable to a hostile takeover by this very type of attack. Clinton’s server appears to have lacked encrypted protections, and could accept commands from the computers over the Internet.

Marc Maiffret, who founded two cybersecurity companies, will later comment, “That’s total amateur hour. […] Real enterprise-class security, with teams dedicated to these things, would not do this.”

Another cybersecurity expert, Justin Harvey, will comment that Clinton’s server “violates the most basic network-perimeter security tenets: Don’t expose insecure services to the Internet.” (The Associated Press, 10/13/2015)

2012: Clinton’s private server is still run on software newly prohibited by the State Department.

At some point in 2012, The State Department bans the use of remote-access software for its technology officials to maintain unclassified servers, unless a waiver is given. It also bans all instances of remotely connecting to classified servers. However, according to records from December 2012, Clinton’s private email server continues to use remote-access software, and no evidence of a waiver allowing this has yet emerged.

Computer security expert Mikko Hypponen will say in 2015 that the use of remote-access software on her server was “clearly serious” and could have allowed hackers to run malicious software on it. (The Associated Press, 10/13/2015)

2012: The State Department is the worst US government department in dealing with FOIA requests.

Project On Government Oversight logo (Credit: POGO)

Project On Government Oversight logo (Credit: POGO)

According to the Center for Effective Government, a government watchdog group which will later merge into the Project On Government Oversight (POGO), in the fiscal year of 2012, Clinton’s last full year in office, the State Department ranks last out of the 15 major government departments for its handling of Freedom of Information Act (FOIA) requests. It earns an “F” grade, with a score well below any other department. (Bloomberg News, 3/5/2015) (Center for Effective Government, 3/5/2016)

March 9, 2012: A Justice Department memo clarifies a policy of avoiding interference in elections.

Eric Holder (Credit: public domain)

Eric Holder (Credit: public domain)

Eric Holder, the US attorney general from 2009 until 2015, writes a memo during the 2012 US presidential race outlining Justice Department policy on how to avoid interfering in elections. It states that department employees (which includes the FBI) “must be particularly sensitive to safeguarding the department’s reputation for fairness, neutrality, and nonpartisanship.” If an employee is “faced with a question regarding the timing of charges or overt investigative steps near the time of a primary or general election,” that person should contact the department’s public integrity section “for further guidance.”

The department has had such policies for decades, and they usually are restated every presidential election, but the memo adds clarity to them. (The Washington Post, 10/29/2016) (US Department of Justice, 3/9/2012)

This department policy will be tested in 2016, when the FBI reopens an investigation into Clinton’s emails just 11 days before Clinton is on the ballot for the US presidential election.

March 22, 2012: Clinton denounces corruption and lack of transparency.

The Transparency International logo (Credit: Transparency International)

The Transparency International logo (Credit: Transparency International)

Speaking at an award ceremony for the international non-profit Transparency International, Clinton says, “[C]orruption and the lack of transparency eats away like a cancer at the trust people should have in their government, at the potential for broad-based, sustainable, inclusive growth. Corruption stifles entrepreneurship, siphons funding away from critical services, poor fiscal transparency makes it impossible to hold governments accountable. And if these problems go on long enough, if they run deep enough, they literally can and have been shaking societies to the core.” (US Department of State, 3/22/2012)

March 30, 2012—March 31, 2012: Clinton’s BlackBerry emails could be intercepted by Saudi Arabia while she visits that country.

Assistant Secretary for Near Eastern Affairs Jeffrey Feltman, Ambassador to the Clinton meets with King Abdullah bin Abdulaziz Al Saud of Saudi Arabia on March 30, 2012. (Credit: US Embassy Riyadh)

Clinton meets with King Abdullah bin Abdulaziz Al Saud of Saudi Arabia on March 30, 2012. (Credit: US Embassy Riyadh)

Clinton travels to Riyadh, Saudi Arabia, from March 30 to 31, 2012. (US Department of State, 3/30/2012)

This is notable because a September 2016 FBI report will reveal that Clinton regularly used her unsecure BlackBerry while outside the US, including sending and/or receiving “hundreds” of emails containing classified information. (Federal Bureau of Investigation, 9/2/2016)

Furthermore, in August 2010, it was reported that Research in Motion (RIM), the company that makes BlackBerrys, agreed to locate three computer servers within Saudi Arabia, “putting them under the jurisdiction of local security forces,” according to an article at the time by the Register.

Headquarters of Research In Motion (RIM) located in Waterloo, Ontario (Credit: public domain)

Headquarters of Research In Motion (RIM) located in Waterloo, Ontario (Credit: public domain)

The effective result is that the Saudi government was able to intercept emails that have to briefly pass through the servers. RIM did not want to agree to this, but the Saudi government briefly suspended BlackBerry service until RIM gave in. Even emails sent through Saudi Arabia using personal encryption keys could be easily intercepted due to this agreement. (The Register, 8/9/2010)

Clinton is sent emails virtually every day, and her days in Saudi Arabia are no exceptions. One email classified at the “confidential” level is sent to Clinton on March 31, 2012, though it’s not clear if she is in Saudi Arabia at the time or not. The email concerns politics in Sudan and South Sudan. (US Department of State, 1/29/2016)

 

April 2012: A photo leads to confirmation Clinton is not using a government email account, but no action is taken.

Clinton checks her Blackberry in a military C-17 plane bound for Tripoli, Libya October 18, 2011. (Credit: Kevin Lamarque / The Associated Press)

Clinton checks her Blackberry in a military C-17 plane bound for Tripoli, Libya October 18, 2011. (Credit: Kevin Lamarque / The Associated Press)

A photo of Clinton using her BlackBerry while wearing sunglasses on a military plane in 2011 becomes popular on the Internet, prompting a “Texts from Hillary” meme.

In court testimony in 2016, State Director of Executive Secretariat Staff Karin Lang will recall that Clarence Finney, who oversees the State Department’s responses to Freedom of Information Act (FOIA) searches, sees the photo in the media and wants to know if Clinton still does not have a government email account. Finney checks with the department’s information management staff and confirms she still doesn’t have one. According to Lang, Finney will not recall who told him this, or when it happened exactly. (Politico, 6/9/2016

However, the photo’s popularity starts and peaks in April 2012. The Washington Post comments about the photo at the time, “When Hillary Rodham Clinton checks her phone, she’s probably reading top secret e-mails…” But this does not lead to any attempt by Finney or others to find if she might have a private email account that could be responsive to FOIA requests. (The Washington Post, 4/5/2012)

June 19–20, 2012: Cheryl Mills conducts interviews to find the Clinton Foundation’s next leader while working as Clinton’s chief of staff, raising a possible conflict of interest.

120619CherylMillsFoundationReuters

Cheryl D. Mills speaks during a commitment workshop titled “Haiti: Lessons for the Future” at the Clinton Global Initiative (CGI) annual meeting on September 24, 2012. The CGI logo is in the background. (Credit: Reuters)

On June 19, 2012, Clinton’s chief of staff Cheryl Mills travels from Washington, DC, to New York City. The next day, she interviews two high-level business executives in order to help the Clinton Foundation find a new leader.

When Clinton became secretary of state, she and the Clinton Foundation agreed to abide by rules specially created in an agreement with the Obama administration not to “create conflicts or the appearance of conflicts for Senator Clinton as Secretary of State.”

When news of this trip is made public in August 2016, Clinton’s campaign will claim that any work Mills did for the Clinton Foundation, such as this trip, was strictly voluntary.

The two executives interviewed by Mills had worked at Pfizer and WalMart, companies that CNN points out “have been huge donors to Foundation, and have worked with the Clinton Global Initiative.” However, neither of them get the job. (CNN, 8/11/2016)

July 14, 2012: Blumenthal sends Clinton another email that contains obviously classified information, but Clinton doesn’t flag it as such.

Mohamed Morsi, a member of the Muslim Brotherhood, is declared winner of the Egyptian presidential election on June 24, 2012. (Credit: The European Press Agency)

Mohamed Morsi, a member of the Muslim Brotherhood, is declared winner of the Egyptian presidential election on June 24, 2012. (Credit: The European Press Agency)

Clinton confidant and private citizen Sid Blumenthal marks the email “CONFIDENTIAL,” and then gives this warning: “SOURCE: Sources with access to the highest levels of the Muslim Brotherhood in Egypt, The Supreme Council of the Armed Forces, and Western Intelligence and security services. THE FOLLOWING INFORMATION COMES FROM AN EXTREMELY SENSITIVE SOURCE AND SHOULD BE HANDLED WITH CARE.” The email then discusses secret meetings between senior members of the Muslim Brotherhood and the Egyptian army which have taken place in recent days. (US Department of State, 1/7/2016

However, Clinton does not warn department security about this email that could jeopardize an intelligence asset in Egypt. Instead, she forwards the email to her aide Jake Sullivan with the comment, “More timely info.” (US Department of State, 1/7/2016)

August and December 2012: An Internet-wide hacker attack makes Clinton’s private server even more vulnerable.

An anonymous hacker using a computer in Serbia scans hundreds of millions of Internet addresses for accessible openings, called “ports.” Clinton’s private server is scanned by this hacker in August 2012 and again in December. The hacker’s millions of results are then made widely available on-line. It is unknown if anyone looking at this data figures out if the server belongs to Bill and Hillary Clinton, although the name “clintonemail.com” is a clue. (The Associated Press, 10/13/2015)

September 3, 2012: Blumenthal sends an email to Clinton that later will be almost entirely redacted.

Clinton confidant and private citizen Sid Blumenthal emails Clinton another one of his many intelligence updates, despite having no security clearance. This one will later be nearly entirely classified, including the email title. There are only two sentence fragments later made public. One is Blumenthal’s marking: “CONFIDENTIAL.” The other is: “SOURCE: Sources with access to the highest levels of the governments and institutions discussed below. This includes—” Six blank pages of fully redacted text follow. (US Department of State, 1/29/2016) Most of Blumenthal’s emails relate to Libya, and the email is sent just eight days prior to a terrorist attack on the US consulate in Benghazi, Libya.

September 23, 2012: An email chain involving Clinton includes the name and email address of a secret CIA official.

Victoria Nuland (Credit: Voice of America)

Victoria Nuland (Credit: Voice of America)

State Department spokesperson Victoria Nuland starts an email chain about an imminent New York Times article written by Eric Schmitt that could mention a particular CIA annex. The email is sent to a handful of Clinton’s top aides.

Soon, a secret CIA official joins in the email chain, despite not being sent the original email.

A later email in the chain from this CIA official (or possibly another one) reveals the New York Times backs down and agrees to changes to the article, including not mentioning details about the CIA annex.

Parts of Clinton’s email will later be deemed classified due to the mention of at least one secret CIA official’s name and email address earlier in the chain. (US Department of State, 12/31/2015) 

That evening, The New York Times publishes an article written by Eric Schmitt and two others called, “Deadly Attack in Libya Was Major Blow to CIA Efforts.” (The New York Times, 9/23/2012)

October 13, 2012: Clinton receives an email that reveals undercover CIA officers use State Department cover in Afghanistan.

Jeremy Bash (left) Leon Panetta (right) (Credits: public domain)

Jeremy Bash (left) Leon Panetta (right) (Credits: public domain)

Jeremy Bash, who is chief of staff to Defense Secretary Leon Panetta at the time, sends an email to four other US officials, including Clinton aides Jake Sullivan and Cheryl Mills. Sullivan then forwards the email to Clinton. The email has the subject heading: “This a.m. Green on Blue.” That is an idiom referring to when police attacks soldiers. The email refers to an Afghan police officer triggering a suicide vest and killing or wounding 14 Americans or Afghans, including one dead American.

The email will later be classified at the “secret” level, suggesting some important classified information in it, but its redactions make it difficult to understand. There is no indication of a reply from Clinton. (US Department of State, 1/29/2016)

In Clinton’s July 2016 FBI interview, she will be specifically asked about this email, again suggesting something unusual about it. However, her answer will also be heavily reacted. For instance, “Clinton believed she would be speculating if she were to state what [redacted] meant when he referred to [redacted].” (Federal Bureau of Investigation, 9/2/2016)

Dario Lorenzetti (public domain)

Dario Lorenzetti (public domain)

On February 4, 2016, NBC News will reveal that the email concerns undercover CIA officer Dario Lorenzetti. He died in the suicide attack described in the email. Lorenzetti’s CIA connection was leaked to the media by anonymous officials four days after his death and was widely reported in the news media, although his CIA cover was not lifted until later.

According to NBC News, in the redacted portions of the email, it seems Bash was trying “to preserve the CIA officer’s cover. But some of the language he used, now that Lorenzetti is known to have been a CIA officer, could be read as a US government acknowledgement that CIA officers pose as State Department personnel in a specific country, Afghanistan — something widely known but not formally admitted.” This is why the email is classified at the “secret” level.

Bash ends the email by instructing a CIA spokesperson to “please lash up with [redacted].” NBC News will indicate the missing word is “presumably either the spy agency or one of its employees.” (NBC News, 2/4/2016)

This may be the phrase that the FBI asked Clinton about, and to which she replied that “she would be speculating if she were to state what [redacted] meant when he referred to [redacted].” (Federal Bureau of Investigation, 9/2/2016)

NBC News will also interview Bash about this email. Bash will claim that the email “did not reference the individual’s name, employer, nor any identifying description or information.” Additionally, once the CIA posthumously lifted Lorenzetti’s cover, “the original unclassified email could be read to confirm the general use of cover, prompting the redactions we now see. But any suggestion that this email contained confirmation about the person or his cover, or any inappropriate information, is flat wrong.” (NBC News, 2/4/2016)

October 26, 2012—November 14, 2012: An email to Clinton from her computer technician raises the question of if he sent her other emails.

On October 26, 2012, Bryan Pagliano sends Clinton an email with the subject line: “Happy Birthday!” His message is, “Happy Birthday Madam Secretary. To many more! Bryan.”

However, rather than directly replying, on November 14, 2012, Clinton forwards the email to her aide Robert Russo with the comment, “Pls [please] respond.”

She forwards dozens of other birthday emails to Russo on the same day, as she apparently has been too busy to reply to each one herself. Curiously, Clinton’s forward of Pagliano’s email (and not his original email) appears to be the only email to or from Pagliano or mentioning his name in the over 30,000 Clinton emails that will later be publicly released, even though he’s a State Department employee and is managing Clinton’s private server during her four years as secretary of state. (US Department of State, 11/30/2015) 

In December 2015, it will be reported that a State Department file containing Pagliano’s emails from Clinton’s time as secretary of state is missing. (Politico, 12/11/2015) 

Also in December 2015, Senator Chuck Grassley (R), the chair of the Senate Judiciary Committee, will say that his request to the State Department for emails between Pagliano and Clinton is his “highest-priority request.” (Business Insider, 3/3/2016)

Around October 28, 2012: Clinton’s computer technician is still managing her private server, but there is no known email trail.

Clinton’s private email server in Chappaqua, New York, stops working for days after New York is hit by Hurricane Sandy. Bryan Pagliano is still the lead specialist for the server and is tasked to fix it. The email system is not always reliable, and Pagliano is always the one on call to fix problems as they come up. (The Washington Post, 8/4/2015) However, no emails between Pagliano and Clinton will be included in Clinton’s over 30,000 publicly released work emails, except for one where he wishes her a happy birthday. (US Department of State, 11/30/2015)

October 30, 2012: Pagliano wants State Department help for Clinton’s private server, but doesn’t get it.

IDL TIFF fileImage of Hurricane Sandy at 1:45 p.m. Eastern Daylight Time on October 28, 2012. (Credit: Earth Observatory / NASA)

IDL TIFF fileImage of Hurricane Sandy at 1:45 p.m. Eastern Daylight Time on October 28, 2012. (Credit: Earth Observatory / NASA)

Starting around October 28, 2012, Hurricane Sandy disrupts power in the New York City area for a few days, including the Chappaqua, New York, area where Clinton’s private email server is located. On October 30, an email exchange between Clinton’s deputy chief of staff Huma Abedin and another Clinton aide discusses that Clinton’s private server is down. Abedin’s main email account is hosted on the server.

Clinton’s computer technician Bryan Pagliano meets with staff from the department’s Information Resources Management (IRM) to find out if the department could provide support for Clinton’s server. Staffers tell Pagliano they can’t help because it is a private server.

This appears to be a very rare instance in which the existence of the server is mentioned to other department employees. (US Department of State, 5/25/2016)

Between November 2012 and March 15, 2013: Blumenthal’s CIA source may want to sell US intelligence to the new Libyan government.

Libya Prime Minister Ali Zeidan (Credit: Reuters)

Libya Prime Minister Ali Zeidan (Credit: Reuters)

Former CIA official Tyler Drumheller sends a letter to Ali Zeidan, the new Prime Minister of Libya. The letter will later be found in one of Sid Blumenthal’s emails due to his inbox getting broken into by the hacker nicknamed Guccifer.

The letter is undated, but must be from between November 2012 when Zeidan became prime minister, and March 15, 2013, when Blumenthal’s emails were hacked. Drumheller offers the services of his private company “Tyler Drumheller LLC,” to “provide discreet confidential information allowing the appropriate entities in Libya to address any regional and international challenges.” He says his information “is based on the experience of senior officials drawn from the highest levels of the American intelligence, security, and political communities.”

Since Clinton became secretary of state in 2009, Drumheller appears to have been sending CIA and NSA intelligence to Blumenthal, who then forwards it to Clinton. It’s not clear how Drumheller gets this information, since he left the CIA in 2005.

The response from Zeidan is unknown. (Gawker, 3/27/2015) (Gawker, 3/27/2015)

November 2012: Clinton’s private email account is reconfigured to use Google’s servers as a backup in case her personal server fails.

Clinton checks her phone with Assistant Secretary of State for European Affairs Philip Gordon in Munich, Germany, on February 4, 2012. (Credit: Politico)

Clinton checks her phone with Assistant Secretary of State for European Affairs Philip Gordon in Munich, Germany, on February 4, 2012. (Credit: Politico)

This is according to Internet records; it is likely in response to the server crashing for several days after Hurricane Sandy one month earlier. The choice of Google is curious because Clinton herself claimed that in June 2011, the Chinese government tried to break into the Google email accounts of senior US government officials. (The Associated Press, 3/4/2015)

December 6, 2012: A non-profit group files a Freedom of Information Act (FOIA) request seeking Clinton’s emails, but a Clinton aide says the emails don’t exist despite knowing that they do.

The CREW logo (Credit: CREW)

The CREW logo (Credit: CREW)

The request by Citizens for Responsibility and Ethics in Washington (CREW) ask for “records sufficient to show the number of email accounts of or associated with Secretary Hillary Rodham Clinton.” (US Department of State, 7/29/2016)

This request is sparked by reports that Lisa Jackson, administrator of the Environmental Protection Agency, had been using an email account at work under the name “Richard Windsor.”

Clinton is still secretary of state at the time, and her chief of staff Cheryl Mills soon learns of CREW’s request, due to a December 11, 2012 email sent to her  (and possibly Clinton) about it. But although Mills is very aware of Clinton’s private email address since she frequently sends emails to it, she doesn’t take any action and merely has an aide monitor the progress of CREW’s request.

In May 2013, the State Department will respond to CREW, “no records responsive to your request were located.”

Other requests for Clinton’s records will meet the same fate until the House Benghazi Committee finds out about her private email account in 2014. (The Washington Post, 3/27/2016) (The Washington Post, 1/6/2016)