October 2013: Clinton’s server gets anti-hacking protection after going several months without any.

The CloudJacket Logo (Credit: public domain)

The CloudJacket Logo (Credit: public domain)

From late June 2013 until October 2013, Platte River Networks (PRN) is managing the server, apparently without any anti-hacking software. In October 2013, the software they have been waiting for arrives and is installed. This is an intrusion detection and prevention system called CloudJacket from SECNAP Network Security.

According to a later FBI report, it “had pre-configured settings that blocked or blacklisted certain email traffic identified as potentially harmful and provided real-time monitoring, alerting, and incident response services. SECNAP personnel would receive notifications when certain activity on the network triggered an alert. These notifications were reviewed by SECNAP personnel and, at times, additional follow-up was conducted with PRN in order to ascertain whether specific activity on the network was normal or anomalous. Occasionally, SECNAP would send email notifications to [an unnamed PRN employee], prompting him to block certain IP addresses. [This employee] described these notifications as normal and did not recall any serious security incident or intrusion attempt.”

Additionally, “PRN also implemented two firewalls for additional protection of the network. [This PRN employee] stated that he put two firewalls in place for redundancy in case one went down.”

The FBI report will also conclude, “Forensic analysis of alert email records automatically generated by CloudJacket revealed multiple instances of potential malicious actors attempting to exploit vulnerabilities on the PRN Server. FBI determined none of the activity, however, was successful against the server.” (Federal Bureau of Investigation, 9/2/2016)

 

October 2013—February 2014: Clinton’s private email server is the subject of repeated attempted cyber attacks, originating from China, South Korea, and Germany.

The attempts are foiled due to threat monitoring software installed in October 2013. However, from June to October 2013, her server is not protected by this software, and there is no way of knowing if there are successful attacks during that time.

A 2014 email from an employee of SECNAP, the company that makes the threat monitoring software, describes four attacks. But investigators will later find evidence of a fifth attack from around this time. Three are linked to China, one to South Korea, and one to Germany. It is not known if foreign governments are involved or how sophisticated the attacks are.

Clinton had ended her term as secretary of state in February 2013, but more than 60,000 of her emails remained on her server. (The Associated Press, 10/7/2015) 

In March 2013, a Romanian hacker nicknamed Guccifer discovered Clinton’s private email address and the exact address was published in the media.

October 2013: Clinton’s brother gets a financial stake in a mining venture in Haiti.

Clinton presided over the grand opening of a Haitian industrial park in October 2012, two months before VCS Mining got a lucrative gold mining permit. (Credit: Getty Images)

Clinton presided over the grand opening of a Haitian industrial park in October 2012, two months before VCS Mining got a lucrative gold mining permit. (Credit: Getty Images)

In December 2012, a US-based company called VCS Mining wins one of the first two gold-mining permits issued by the Haitian government in more than 50 years. The mining project is heavily criticized by Haitian politicians who call it a potential environmental disaster and a waste of resources. Its permit is put on a hold due to the backlash.

In October 2013, Hillary Clinton’s brother Tony Rodham is added to VCS Mining’s advisory board. Rodham is rewarded with stock options in the mining company that will vest if the mine is successful. Both Rodham and VCS Mining chief executive and president Angelo Viard later claim that Rodham was added to the board after a chance meeting at the previous year’s Clinton Global Initiative (CGI) annual conference. Both also claim that Rodham’s involvement with the mining company has nothing to do with the political power of the Clintons in the US or in Haiti. (Bill and Hillary Clinton are widely seen as leading the reconstruction effort since the 2010 Haiti earthquake.) Rodham used to work as a repo man, prison guard, and private detective, but has more recently worked for an investment firm. (The Washington Post, 3/20/2015)

In March 2016, the New York Times will report that many in Haiti see Rodham’s involvement in the mining company as him taking advantage of his sister’s political influence for personal profit. (The New York Times, 3/14/2016)

One week after the Times article that suggested Clinton could be hurt politically by the connection, VCS Mining will announce that Rodham has stepped down from the board due to company “restructuring.” (VCS Mining, 3/21/2016)

October 2, 2013: Three years after WikiLeaks leaked 250,000 State Department cables, the department’s communication system “is operating without basic technical security measures in place, despite warnings about its vulnerabilities…”

The SAIG Logo (Credit: public domain)

The SAIG Logo (Credit: public domain)

This is according to a BuzzFeed article. The system is known as SMART (the State Messaging and Archive Retrieval Toolset), and is used to share internal department documents, including the diplomatic cables made public by WikiLeaks. SMART is a two-tiered system, for both classified and unclassified information. SMART was launched in 2009, and the department has paid hundreds of millions of dollars to contractors for it, mostly to the company SAIC.

Unnamed sources “say the failures have left thousands of cables and messages, including highly sensitive and classified ones, vulnerable to espionage or leaks…” 

A former deputy program manager from one such contractor complains, “There is this attitude that security didn’t even come into the picture…I’m talking IT [information technology] security basics, standard fundamental things that a first-year admin would find.”

In 2012 and 2013, internal investigations revealed grave, unresolved security issues. “According to documents reviewed by BuzzFeed, several employees raised concerns starting from the beginning of the SMART rollout. They were told to not pursue the issue. Some were told, with stern overtones, that it wasn’t within their job descriptions to do so.” (Buzzfeed, 10/2/2013)

October 29, 2013: In a private speech, Clinton says she had to leave her phone and computer in a special box when traveling to China and Russia, but there is evidence she sent at least one email from Russia.

Clinton is greeted by Vice-Governor of St. Petersburg Oleg Markov as US Ambassador to Russia Michael McFaul looks on in St. Petersburg, Russia, on June 28, 2012.

Clinton is greeted by Vice-Governor of St. Petersburg Oleg Markov, as US Ambassador to Russia Michael McFaul looks on in St. Petersburg, Russia, on June 28, 2012. (Credit: public domain)

Clinton gives a private paid speech for Goldman Sachs, a financial services company. In it, she says, “[A]nybody who has ever traveled in other countries, some of which shall remain nameless, except for Russia and China, you know that you can’t bring your phones and your computers. And if you do, good luck. I mean, we would not only take the batteries out, we would leave the batteries and the devices on the plane in special boxes. Now, we didn’t do that because we thought it would be fun to tell somebody about. We did it because we knew that we were all targets and that we would be totally vulnerable.”

She will make similar comments in a private paid speech on August 28, 2014: “[E]very time I went to countries like China or Russia, I mean, we couldn’t take our computers, we couldn’t take our personal devices, we couldn’t take anything off the plane because they’re so good, they would penetrate them in a minute, less, a nanosecond. So we would take the batteries out, we’d leave them on the plane.”

The comments from both speeches will be flagged as potentially politically embarrassing by Tony Carrk, Clinton’s research director. Although the comments are made in private, Carrk’s January 2016 email mentioning the quotes will be made public by WikiLeaks in October 2016. (WikiLeaks, 10/7/2016)

Based on information from 2016 FBI interviews of Clinton and her aide Huma Abedin, it appears Clinton used her BlackBerry while still secretary of state to send an email to President Obama from St. Petersburg, Russia on June 28, 2012.

October 29, 2013: In a private speech, Clinton says that her department officials “were not even allowed to use mobile devices because of security issues.”

Clinton gives a private paid speech for Goldman Sachs, a financial services company. In it, she says, “[W]hen I got to the State Department, we were so far behind in technology, it was embarrassing. And, you know, people were not even allowed to use mobile devices because of security issues and cost issues, and we really had to try to push into the last part of the Twentieth Century in order to get people functioning in 2009 and ’10.

The comments will be flagged as potentially politically embarrassing by Tony Carrk, Clinton’s research director, due to Clinton’s daily use of a BlackBerry mobile device during the same time period. Although the comment is made in private, Carrk’s January 2016 email mentioning the quote will be made public by WikiLeaks in October 2016. (WikiLeaks, 10/7/2016)

October 29, 2013: In a private speech, Clinton asks why the computers of a fugitive whistleblower were not exploited by foreign countries “when my cell phone was going to be exploited.”

Clinton was keynote speaker at Goldman Sachs annual dinner that was hosted at the Clinton Global Initiative on September 23, 2013. (Credit: public domain)

Clinton was keynote speaker at Goldman Sachs annual dinner that was hosted at the Clinton Global Initiative on September 23, 2014. (Credit: public domain)

Clinton gives a private paid speech for Goldman Sachs, a financial services company. In it, she says, “[W]hat I think is true, despite [NSA fugitive whistleblower Edward] Snowden’s denials, is that if he actually showed up in Hong Kong [China] with computers and then showed up in Mexico with computers. Why are those computers not exploited when my cell phone was going to be exploited?” (Snowden was on the run from the US government and eventually settled in Russia earlier in 2013.)

The comments will be flagged as potentially politically embarrassing by Tony Carrk, Clinton’s research director, due to later revelations of Clinton’s poor security of her BlackBerry while Secretary of State. FBI Director James Comey will later call her “extremely careless.” Although the comment is made in private, Carrk’s January 2016 email mentioning the quote will be made public by WikiLeaks in October 2016. (WikiLeaks, 10/7/2016)