March 10, 2015: Hillary’s claim of private email correspondence with her husband Bill is contradicted by him.

Matt McKenna (Credit: The Associated Press)

Matt McKenna (Credit: The Associated Press)

In a press conference at the United Nations, one reason Hillary Clinton gives for deleting some of the emails from her private server is that they “contain[ed] personal communications from my husband and me.”

However, on the same day she says this, Matt McKenna, spokesperson for Bill Clinton, asserts that Bill still doesn’t use email himself. Although he does use Twitter sometimes, he has only sent two emails in his life, and both of them were when he was president in the 1990s. (The Daily Telegraph, 3/10/2015) (The Wall Street Journal, 3/10/2015)

September 22, 2015: Clinton’s emails were improperly secured up until August 2015.

After it became clear by May 2015 that some of Clinton’s emails contained classified information, the security of the email copies possessed by Clinton’s lawyer David Kendall became an issue. In July 2015, State Department officials installed a special safe in Kendall’s office to store them.
However, on this day, Assistant Secretary of State Julia Frifield writes to Senate Judiciary Committee Chair Charles Grassley (R) that “while the safe was suitable for up to (top secret) information, it was not approved for TS/SCI material.” “TS/SCI” stands for “top secret, sensitive compartmented information.” Top secret information and above, such as TS/SCI, must be kept in a specially built secure room known as a SCIF [sensitive compartmented information facility]. Frifield argues that no one in the department knew Clinton’s emails contained such highly classified information.
The issue was resolved in August 2015 when the FBI took away Kendall’s copies of the emails. (The Associated Press, 9/28/2015)

March 2016: The same hacking group that allegedly breaches the DNC [Democratic National Committee] computer network may also breach computers of some Clinton presidential campaign staffers.

Clinton's Deputy Communications Director, Kristina Schake (Credit: Getty Images)

Clinton’s Deputy Communications Director, Kristina Schake (Credit: Getty Images)

The hacker or hacking group is known by the nickname Fancy Bear, and is alleged to be working for the Russian government. Fancy Bear gets into the DNC network in April 2016, which makes it separate from the efforts of Cozy Bear (alleged also to be linked to Russia) or Guccifer 2.0 (alleged to be a “lone hacker”) which in either case got into the network for about a year. Fancy Bear’s attack on Clinton’s staffers is said to start in March 2016, according to the security firm SecureWorks. Targets include Clinton’s communications and travel organizers, speechwriters, policy advisers, and campaign finance managers.

The hackers use the “spear phishing” technique of sending an email from a seemingly trusted source in order to get the target to click on a link. In this case, the links are shortened by an Internet service known as Bitly to make it hard to notice that they’re bogus. They take the target to a fake Google login page, since most or all of Clinton’s staffers use Gmail. Once the target gives their user name and password, the hacker can log into the real account and access all the data. The hackers create 213 links targeting 108 hillaryclinton.com addresses. Twenty of those are clicked, raising the possibility that some accounts are successfully breached. (Forbes, 6/16/2016)

May 31, 2016: A former State Department inspector general says he would not have allowed Clinton’s use of a private server.

Howard Krongard (Credit: Fox News)

Howard Krongard (Credit: Fox News)

Howard Krongard, who was the State Department’s inspector general from 2005 to 2008, says he “would have been stunned had I been asked to send an email to [Clinton] at a personal server, private address. I would have declined to do so on security grounds and if she had sent one to me, I probably would have started an investigation.”

Krongard also suggests that Clinton benefited from the lack of a permanent inspector general for the entire duration of her tenure as secretary of state. “They are the people who enforce the rules, and there was no one enforcing the rules during that time.” (Fox News, 5/31/2016)

June 1, 2016: Clinton wants to avoid answering questions about her email scandal as much as possible.

Politico reports that the State Department inspector general’s report on her email practices has frustrated Clinton’s attempt to focus on her positives, since trustworthiness and honesty issues continue to dodge her. “Clinton’s game plan moving forward is to keep her head down and move the email issue to the side rather than try and explain it all away, while reiterating that what she did was a mistake, [unnamed Clinton] campaign officials said.”

An unnamed “longtime Clinton ally” says: “The strategy of, ‘let’s tell everyone everything about this,’ won’t work now and will just result in more questions. The goal now is how to make this election about something else other than email.”

Another unnamed “Clinton ally close to the campaign” says, “If she starts answering questions [about her email scandal], it becomes Chinese water torture. I think she has said all there is to say on this and needs to put it behind her. If you start to fall into a trap of responding to every little nuance, you lose.” (Politico, 6/1/2016)

June 14, 2016: Clinton claims to have just learned about the DNC network breach, and inaccurately claims her campaign has not been similarly targeted.

In an interview, Clinton is asked about a news report from earlier in the day that hackers allegedly linked to the Russian government breached the computer network of the DNC [Democratic National Committee]. She is asked the general question, “What can you tell us about that incident? How worrisome is it?”

She replies, “I only learned about it when it was made public. And it is troubling, just as all cyber-attacks against our businesses and our institutions, our government are. The Russians—and according to the reporting—who did this hacking were most likely in the employment of the Russian government.”

She also comments without being prompted, “So far as we know, my campaign has not been hacked into and we’re obviously looking hard at that.” (The Hill, 6/14/2016)

But two days later, Forbes reports that a security company hired by the Clinton campaign has determined many of her campaign staffers have been targeted by hackers in recent months, and there are indications some of their email accounts could have been breached. (Forbes, 6/16/2016)

June 15, 2016: Two-thirds of US voters think Clinton did something wrong in setting up her personal email address and server.

(Credit: CBS News)

(Credit: CBS News)

According to a CBS News poll, 41 percent think what she did was illegal and another 25 percent think it was improper but not illegal. Only 26 percent of voters say she did nothing wrong. (CBS News, 6/15/2016)

In a November 12, 2015 McClatchy-Marist poll, 28 percent thought she did something illegal and another 40 percent thought it was improper but not illegal, while 27 percent believed she did nothing wrong. (McClatchy Newspapers, 11/12/2015)

June 16, 2016: Various clues suggest that “Guccifer 2.0” could be a front for Russian hacking efforts.

Copy of the metadata and the nickname for Felix Dzerzhinsky, written in the Cyrillic alphabet. (Credit: Ars Technica)

Copy of the metadata and the nickname for Felix Dzerzhinsky, written in the Cyrillic alphabet. (Credit: Ars Technica)

On June 15, 2016, someone going by the name “Guccifer 2.0” claimed to be the “lone hacker” behind the breach of the DNC [Democratic National Committee] computer network reported in the media the day before.

However, various clues support the assertion by security experts hired by the DNC that the hacking effort is connected to the Russian government or at least originates from Russia:

  • The metadata of one file sent by Guccifer 2.0 to Gawker contains metadata indicating the last person to change the file used the nickname for Felix Dzerzhinsky (Феликс Эдмундович), a long-dead Russian statesman best known for founding the Soviet secret police.
  • The nickname is written in the Cyrillic alphabet, which means Guccifer 2.0’s computer was configured to use the Russian language and was connected to a Russian-language keyboard.
  • Another file contains some broken web links. The error message is also written in Russian, using the Cyrillic alphabet.
  • A blog post written by Guccifer 2.0 uses “)))” to indicate a smiley face. This is common in Eastern Europe and Russia but very uncommon elsewhere, due to differences with the Russian-language keyboard. (Ars Technica, 6/16/2016)
  • Other metadata indicates the person who saved the files used a cracked version of Office 2007, which is popular in Russia.
  • Vice News reports that Guccifer 2.0 had no online history prior to June 15, and “multiple security sources said they’d never heard of nor seen anyone by that alias” before that date. (Vice News, 6/16/2016)
  • Dave Aitel, CEO of Immunity Security, comments, “You don’t have the FBI or DHS [Department of Homeland Security] coming out and saying: ‘Hey we don’t think it’s Russia.’ If it is Russia, a nation state, it’s a pretty big deal. Otherwise the FBI would say: ‘We’re conducting an investigation.’ But they’re not saying that.”

Ars Technica comments, “Of course, it’s still possible that the Russian fingerprints were left intentionally by someone who has no connection to Russia, or by a Russian-speaking person with no connection to the Russian government, or any number of other scenarios.” (Ars Technica, 6/16/2016)