In July 2016, the State Department will reveal some limited details about 22 “top secret” emails involving Clinton. One email chain is sent sometime in 2012, and involves two “top secret” emails. The chain begins with an email written by an unnamed State Department official to other unnamed department officials. It makes its way to Sullivan, who forwards it to Clinton, Clinton’s chief of staff Cheryl Mills, and Deputy Secretary of State William Burns. Clinton then replies to Sullivan. Then there’s another back and forth between Clinton and Sullivan. The contents of the emails remain unknown. (Vice News, 7/22/2016)
In July 2016, the State Department will reveal some limited details about 22 “top secret” emails involving Clinton. One email chain is sent sometime in 2012, and involves two “top secret” emails. The chain begins with an email written by an unnamed State Department official. It makes its way to Sullivan, who forwards it to Clinton and Clinton’s chief of staff Cheryl Mills. There is no known reply from Clinton. The content of the emails remain unknown. (Vice News, 7/22/2016)
The State Department continues to allow it, though with certain requirement and restrictions. (The New York Times, 3/25/2016)
The Homeland Security Department’s Computer Emergency Readiness Team issues a warning about remote access attacks, that would allow hackers to take control of computers. The warning notes that “An attacker with a low skill-level would be able to exploit this vulnerability.”
In 2015, the Associated Press will report that Clinton’s private email server could have been vulnerable to a hostile takeover by this very type of attack. Clinton’s server appears to have lacked encrypted protections, and could accept commands from the computers over the Internet.
Marc Maiffret, who founded two cybersecurity companies, will later comment, “That’s total amateur hour. […] Real enterprise-class security, with teams dedicated to these things, would not do this.”
Another cybersecurity expert, Justin Harvey, will comment that Clinton’s server “violates the most basic network-perimeter security tenets: Don’t expose insecure services to the Internet.” (The Associated Press, 10/13/2015)
At some point in 2012, The State Department bans the use of remote-access software for its technology officials to maintain unclassified servers, unless a waiver is given. It also bans all instances of remotely connecting to classified servers. However, according to records from December 2012, Clinton’s private email server continues to use remote-access software, and no evidence of a waiver allowing this has yet emerged.
Computer security expert Mikko Hypponen will say in 2015 that the use of remote-access software on her server was “clearly serious” and could have allowed hackers to run malicious software on it. (The Associated Press, 10/13/2015)
According to the Center for Effective Government, a government watchdog group which will later merge into the Project On Government Oversight (POGO), in the fiscal year of 2012, Clinton’s last full year in office, the State Department ranks last out of the 15 major government departments for its handling of Freedom of Information Act (FOIA) requests. It earns an “F” grade, with a score well below any other department. (Bloomberg News, 3/5/2015) (Center for Effective Government, 3/5/2016)