May 3, 2000: Secretary of State Madeleine Albright chastises all State Department employees for being careless about security.

Secretary of State Madeleine Albright (Credit: Politico)

Albright gives a speech in front of 800 State Department officials in Washington, DC, that is also broadcast to other department officials in other states and countries. She says, “I don’t care how skilled you are as a diplomat, how brilliant you may be at meetings, or how creative you are as an administrator, if you are not professional about security, you are a failure.” Her speech comes after some recently reported security breaches in her department, including the disappearance of a laptop containing classified information. She adds, “You may have seen reports indicating that I am furious about these incidents. Well, I am, and I hope you are, too.”

According to the New York Times, US diplomats privately acknowledge that they are sometimes cavalier about security. One unnamed longtime department official says, “Nobody cares about security within the department.” (The New York Times, 5/4/2000)

January 19–20, 2001: John Deutch pleads guilty to mishandling government secrets, then Bill Clinton pardons him.

CIA Director John Deutch (Credit: public domain)

Deutch was CIA director from May 1995 to December 1996. Shortly after he retired from the job, it was discovered that he stored and processed hundreds of highly classified government files on unprotected home computers that he and his family also used to connect to the Internet. An investigation began which dragged on for years. He was stripped of his CIA security clearance in 1999.

On January 19, 2001, Deutch agrees to plead guilty to a misdemeanor for mishandling government secrets as part of a plea bargain with the Justice Department. However, just one day later, President Bill Clinton officially pardons him. This is Clinton’s last day as president. (The Associated Press, 1/24/2001)

Between January 26, 2005 and January 20, 2009: Limited BlackBerry use is allowed in the secretary of state’s suite, but is phased out for security concerns.

Secretary of State Condoleezza Rice (Credit: public domain)

Condoleezza Rice is secretary of state from 2005 to 2009. Although she doesn’t use email much at all, her top aides do, and at some point that becomes a security problem. In a February 2009 email, the NSA’s senior liaison to the State Department will explain what happens: “Former Secretary Rice had received waivers for her staff; however, use expanded to an unmanageable number of users from a security perspective, so those waivers were phased out and BlackBerry use was not allowed in her suite.”

When Clinton becomes the next secretary of state, she and her aides will want to use BlackBerrys too, but security officials won’t allow it after the growing problems with Rice’s aides. (Ars Technica, 3/17/2016)

2006 or Earlier: Justin Cooper provides computer help to Clinton and her aides well before Clinton becomes secretary of state.

In September 2015, Clinton’s future deputy chief of staff Huma Abedin will be interviewed under oath by the House Benghazi Committee. She will reveal that when she had an email or other computer problem while working on Clinton’s 2008 presidential campaign, or even earlier working as an aide when Clinton was a senator, Abedin would turn to Justin Cooper for help. “I usually called Justin. He was our go-to guy. He always was, you know, ‘I’m having a problem, can you help me fix it,’ and he always did…” She would also call on Cooper whenever Clinton was having an email problem.

Cooper will also be the person who suggests she get a clintonemail.com email account on Clinton’s private server shortly before Clinton becomes secretary of state, and then sets it up for her. This suggests his involvement managing Clinton’s private server starts early. Cooper is a longtime aide to Bill Clinton, but he apparently never has a government job or security clearance. (House Benghazi Committee, 10/21/2015)

2008: A government warning will be ignored in the way Clinton’s email server is set up and managed.

The federal government’s US National Institute of Standards and Technology (NIST) warns that exposed server ports are security risks. According to a 2015 Associated Press article, “It [says] remote-control programs should only be used in conjunction with encryption tunnels, such as secure VPN connections.”

But according to records from late 2012, the private email server used by Clinton while secretary of state from 2009 to 2013 will have exposed server ports, and it will use remote-control programs without encryption tunnels. This will leave it more vulnerable to hacker attacks. (The Associated Press, 10/13/2015)

Around June 2008: Clinton’s first private email server is set up in her house.

The Apple Power Macintosh G4 Server (Credit: public domain)

According to the FBI, around 2007, Justin Cooper purchased an Apple OS X server. Cooper is a personal aide to former President Bill Clinton at the time. On February 1, 2008, the domain names clintonemail.com, wjcoffice.com, and presidentclinton.com were registered, but apparently the server that uses them won’t be operational until a few months later. The server is physically located in a house in Chappaqua, New York, where Bill and Hillary Clinton live.

The server consists of an Apple Power Macintosh G4 or G5 tower and an HP printer. According to Cooper, around June 2008, an Apple employee installs the server in the basement of the Chappaqua house. Cooper is the only person with administrative access to the server. However, the Clinton family and their house staff have physical access to it.

Hillary Clinton uses her att.blackberry.net email account as her primary email address until around mid-to-late January 2009 when she will switch to a newly created hdr22@clintonemail.com account hosted on this server. (Federal Bureau of Investigation, 9/2/2016)

August 2008: State Department rules prohibit the way some sensitive information will later be used on Clinton’s private server.

According to the State Department’s Foreign Affairs Manual (FAM), department employees are allowed to send most Sensitive But Unclassified (SBU) information unencrypted over the Internet only when necessary.

In August 2008, the FAM is amended to further toughen the rules on sending SBU information on non-department-owned systems at non-departmental facilities – such as Clinton’s later use of a private email server. Employees have to:

  • ensure that SBU information is encrypted
  • destroy SBU information on their personally owned and managed computers and removable media when the files are no longer required
  • implement encryption certified by the National Institute of Standards and Technology (NIST)

The FBI will later determine that SBU information was frequently and knowingly sent to and from Clinton’s private server, but none of these steps were taken. (Federal Bureau of Investigation, 9/2/2016)

Mid-August 2008: The Chinese government apparently hacks into the 2008 presidential campaigns of Barack Obama and John McCain.

Admiral Dennis Blair (Credit: Sasakawa Peace Foundation USA)

Hacking teams traced back to China are caught breaking into the computers of the Obama and McCain campaigns, resulting in high-level warnings to Chinese officials to stop. The computers, laptops, and mobile devices of top campaign aides and advisers who receive high-level briefings are particularly targeted. “Spear phishing” is used to get targets to open an attachment containing a virus that would allow data to be stolen from their computer.

Obama campaign manager David Plouffe will later say he got a call in the middle of August 2008 alerting him to the attack and that the FBI was investigating. However, the virus is extremely sophisticated, and it takes months for it to be completely removed from the networks of the two campaigns.

In a May 2009 speech, President Obama will make a general mention of the attacks: “Hackers gained access to emails and a range of campaign files, from policy position papers to travel plans.” However, the involvement of China’s government won’t be publicly revealed until June 2013.

Dennis Blair, director of national intelligence from 2009 to 2010, will comment that year, “Based on everything I know, this was a case of political cyberespionage by the Chinese government against the two American political parties. They were looking for positions on China, surprises that might be rolled out by campaigns against China.” (NBC News, 6/6/2013)

Shortly Before January 13, 2009: Huma Abedin allegedly wants Clinton’s email account on a private server and not on a server that is managed by someone else, so that is what is arranged.

In a September 2016 Congressional hearing, Justin Cooper will reveal some information about how Clinton’s use of a private email account on her private server begins. He will state: “Secretary Clinton was transitioning from her presidential campaign and Senate role and had been using primarily a BlackBerry for email correspondence. There were limitations to her ability to use that BlackBerry as well as desire to change her email address because a number of people have received her email address over the course of those activities. So we created with a discussion, I believe, with [Clinton aide] Huma Abedin at the time [about] what domains might be of interest. We obtained a domain and we added it to the original server used by President Clinton’s office for [Hillary Clinton] to use with her BlackBerry at the time…”

Note that Cooper registers three domain names on January 13, 2009, so this discussion must have occurred before then.

Representative Mark Meadows (Credit: public domain)

Representative Mark Meadows (R) will ask Cooper in the hearing: “So, your testimony here today is that Huma Abedin said that she would prefer to have Ms. Clinton’s email on a private server versus a server that was actually managed by someone else? That’s your testimony?”

Cooper will reply, “My testimony is that that was communicated to me.”

He will also clarify that when it came to talking to Abedin, “I don’t recall conversations with her about the setting up of the server.” But he also will say, “At some point I had a conversation with her about the setting up of an email account for Secretary Clinton on the server.” (US Congress, 9/13/2016)

However, in Abedin’s April 2016 FBI interview, she will say nothing like this. In fact, she will deny even knowing the server existed until it was mentioned in the media, despite her having an email account hosted on the server for the entire duration of Clinton’s tenure as secretary of state and at least three email exchanges that show her discussing the server during that time. (Federal Bureau of Investigation, 9/2/2016)

January 13, 2009: A Clinton aide registers the email domain that Clinton will use for her private server while Secretary of State.

Justin Cooper (Credit: Pave.com)

Just prior to Hillary Clinton’s Senate confirmation hearing for secretary of state, Justin Cooper registers three email domains for Hillary Clinton at her Chappaqua, New York, address. One domain, clintonemail.com, will be used for all of Clinton’s emails for at least the next five years. (The Washington Post, 3/10/2015) (The New York Times, 8/8/2015)

Cooper is a long-time personal assistant to Bill Clinton. However, he has “no security clearance and no particular expertise in safeguarding computers, according to three people briefed on the server setup.” (The Washington Post, 8/4/2015)

January 21, 2009—February 1, 2013: Most State Department officials claim they don’t know Clinton has a private email address or uses a private server.

A sample address with the “H” as it appears in an email sent by Clinton. (Credit: public domain)

A September 2016 FBI report will indicate that “some Clinton aides and senior-level State [Department] employees were aware Clinton used a personal email address for State business during her tenure [as secretary of state]. Clinton told the FBI it was common knowledge at State that she had a private email address because it was displayed to anyone with whom she exchanged emails. However, some State employees interviewed by the FBI explained that emails from Clinton only contained the letter ‘H’ in the sender field and did not display her email address.”

The report also notes, “The majority of the State employees interviewed by the FBI who were in email contact with Clinton indicated they had no knowledge of the private server in her Chappaqua residence.”

Even Clinton’s closest aides like her chief of staff Cheryl Mills and deputy chief of staff Huma Abedin will claim they didn’t know, though there is evidence that suggests otherwise. (Federal Bureau of Investigation, 9/2/2016)

January 21, 2009—February 1, 2013: Hundreds of Clinton’s emails are printed out by a Bill Clinton staffer; he may have a relevant security clearance.

Clinton presents a letter of congratulations and signed photo to Chief Culinary Specialist Oscar Flores during his retirement ceremony aboard the USS Makin Island on April 1, 2010. (Credit: Chief Mass Communication Specialist John Lill / US Navy)

A September 2016 FBI report will mention that the FBI determined “hundreds of emails” were sent by Clinton’s deputy chief of staff Huma Abedin and other State Department staffers to a member of Bill Clinton’s staff so he could print them out for Clinton. His name will be redacted, but he is almost certainly Oscar Flores, because the report will mention that he is a member of the US Navy Reserves, which Flores is at the time.

Some of these emails will later be determined to contain information classified at the “confidential” level, including six email chains forwarded by Abedin and one email chain forwarded by Clinton.

But the FBI will determine that Flores received a security clearance at the “secret” level on October 25, 2007 from the Defense Department. Furthermore, although Flores retires from the US Navy Reserves in September 2010, there is no indication his security clearance is deactivated at that time. (Federal Bureau of Investigation, 9/2/2016)

January 21, 2009—February 1, 2013: Hundreds of classified emails are sent or received by Clinton while she is outside the US, including some to or from President Obama.

Clinton boards the State Department jet while using her BlackBerry, date and location are unknown. (Credit: Andrew Harnik / The Associated Press)

This is according to a September 2016 FBI report. The report indicates that Clinton and her immediate staff were repeatedly “notified of foreign travel risks and were warned that digital threats began immediately upon landing in a foreign country, since connection of a mobile device to a local network provides opportunities for foreign adversaries to intercept voice and email transmissions.”

Additionally, the State Department has a Mobile Communications Team responsible for establishing secure mobile voice and data communications for Clinton and her team wherever they travel. But even so, Clinton and her staff frequently use their private and unsecure mobile devices and private email accounts while overseas.

The number of Clinton emails sent or received outside the US will be redacted in the FBI report. Although it will mention that “hundreds” were classified at the “confidential” level, additional details are redacted. Nearly all mentions of “top secret” emails are redacted in the report, so it’s impossible to know if any of those are sent while Clinton is overseas.

The report will mention that some emails between Clinton and President Obama are sent while Clinton is overseas. However, the exact number will be redacted. None of these overseas emails between them will be deemed to contain classified information. According to the report, “Clinton told the FBI that she received no particular guidance as to how she should use President Obama’s email address…”

The details of the FBI’s report on Clinton’s July 2016 FBI interview will indicate that Clinton emailed Obama on July 1, 2012 from Russia. However, it is not clear if she sent the email from on the ground or on a plane. (Federal Bureau of Investigation, 9/2/2016)

Shortly After January 24, 2009: Cheryl Mills claims Clinton could not or would not use a personal computer.

In a May 2016 court deposition, Clinton’s former chief of staff Cheryl Mills will be asked what she thought of State Department official Patrick Kennedy’s idea in a January 24, 2009 email that a computer be installed in Clinton’s office so she could use it to check her emails.

Clinton sitting in front of a computer screen. (Credit: Reuters)

Mills will reply, “Secretary Clinton was not a computer user. And so I don’t know that it solved the solution of being able to be in communication electronically with her staff. […] I don’t know why it was not set up. I do know that she was not someone who used a computer. And so to the extent the objective was to place that computer there for her use, it would not have been used.”

Mills says she might have discussed the issue with Clinton, but she doesn’t remember. Clinton continues to use her BlackBerry as well as an iPad to check her emails instead. (Judicial Watch, 5/31/2016)

March 2009: Clinton’s personal email server is replaced; she will use the new one for the rest of her term as secretary of state.

Justin Cooper, an aide to former President Bill Clinton, has been working with Bryan Pagliano, who worked as a computer technician on Hillary Clinton’s 2008 presidential campaign, to build a new private server located in the Clintons’ Chappaqua, New York, house. Some time in March 2009, Pagliano and Cooper met at the Chappaqua house to physically install the server and related equipment in a server rack in the basement.

Once the new server is up and running, Pagliano migrates the email data from the old server to the new one. Pagliano will later be interviewed by the FBI, and he will claim that after the migration, no email content should have remained on the old server. He will tell the FBI that he only transferred clintonemail.com email accounts for Clinton aide Huma Abedin and others (whose names will later be redacted), and he was unaware of and did not transfer an email account for Hillary Clinton.

However, Clinton emails using a clintonemail.com domain address start getting sent in January 2009, showing she must have had an account on the old server since that time. Cooper will also later be interviewed by the FBI, and he will say he believed Clinton had a clintonemail.com email account on the old server and Abedin did not. The FBI will be unable to obtain the old server to analyze it, so the dispute has not been fully resolved.

The Dell Power Edge 2900 (Credit: public domain)

This new server will be used for the rest of Clinton’s term as secretary of state, then will be replaced in 2013. Later in March 2009, the old server is repurposed to serve as a personal computer for household staff at Clinton’s Chappaqua house. (Federal Bureau of Investigation, 9/2/2016)

The Washington Post will later report, “The server was nothing remarkable, the kind of system often used by small businesses, according to people familiar with its configuration at the end of her tenure. It consisted of two off-the-shelf server computers. Both were equipped with antivirus software. They were linked by cable to a local Internet service provider. A firewall was used as protection against hackers.” (The Washington Post, 3/27/2016)

According to the FBI, the new server initially consists of the following equipment: “a Dell PowerEdge 2900 server running Microsoft Exchange for email hosting and management, a Dell PowerEdge 1950 server running BlackBerry Enterprise Server (BES) for the management of BlackBerry devices, a Seagate external hard drive to store backups of the Dell PowerEdge 2900 server, a Dell switch, a Cisco firewall, and a power supply.” (Federal Bureau of Investigation, 9/2/2016)

In 2015, Hillary Clinton will say of her server, “It was sitting there in the basement. It was not any trouble at all.” (The Wall Street Journal, 9/27/2015)

Around Spring 2009: Pagliano is warned that classified information could be sent to Clinton’s private server, but there is no sign he takes action or passes this warning on.

When Clinton’s computer technician Bryan Pagliano is interviewed by the FBI in December 2015, he will recall a conversation with a person whose name is redacted that takes place at the beginning of Clinton’s tenure as secretary of state. According to the FBI, this person “advised he would not be surprised if classified information was being transmitted to Clinton’s personal server.”

Pagliano joins the State Department in May 2009, and he also is the main person to manage problems with the server. But there is no mention of him taking any action about this warning or passing it on to anyone else. The unnamed person also gives Pagliano advice on how to improve the server security that goes unheeded as well. (Federal Bureau of Investigation, 9/2/2016)

Around Spring 2009: Clinton’s computer technician is advised to make a key improvement to the security of Clinton’s private server, but the improvement is never made.

When Bryan Pagliano, the manager of Clinton’s private server while she is secretary of state, is interviewed by the FBI in December 2015, he will recall a conversation with a person, whose name is later redacted, that takes place around the beginning of Clinton’s tenure. This person recommends that email transiting from a state.gov account to Clinton’s private server should be sent through a Transport Layer Security (TLS) “tunnel.” Most of Clinton’s email traffic is with State Department officials using state.gov accounts.

A diagram described as Networking 101: Transport Layer Security (TLS) (Credit: public domain)

A September 2016 FBI report will explain: “TLS is a protocol that ensures privacy between communicating applications, such as web browsing, email, and instant messaging, with their users on the Internet. TLS ensures that no third-party eavesdrops on the two-way communication. TLS is the successor to SSL and is considered more secure.”

Pagliano is the main person to manage problems with the server, but he will tell the FBI that the transition to TLS never occurred. It is not clear why. The FBI will be unable to forensically determine if TLS was ever implemented on the server.

The same unnamed person who gives Pagliano this advice also tells him at the same time that he would not be surprised if classified information was being transmitted to Clinton’s personal server. (Federal Bureau of Investigation, 9/2/2016)

April 3, 2009: Clinton’s top aides privately complain that people who know Clinton’s old email address still have emails forwarded to her.

A State Department official (whose name is later redacted) sends an email to Clinton. The unnamed official had been sponsored by Clinton for a security position but had failed the security tests, and so he directly appeals to her for assistance.

Clinton forwards the email to her chief of staff Cheryl Mills and her deputy chief of staff Huma Abedin and asks them, “Could you follow up on this?”

It is unknown what becomes of the official’s request. However, Mills then complains in an email just to Abedin, “Personally, I think this is outrageous that staff go straight to her on this stuff.”

Abedin replies to Mills, “This is unbelievable. And she also should not be giving her email to everyone [because] she will get stuff like this.”

Mills then responds back, “She’s not giving her email to new people. People who emailed her old Senate address are still being forwarded to her new address. Most of her Senate staff had access to that address. Justin [Cooper] can fix it but I need her berry [BlackBerry] and she takes that thing to every toilet, to the shower, so [it’s] hard to get my hands on that thing…” (US Department of State, 6/9/2016)

2010: Clinton appears in a cybersecurity video for State Department personnel.

It will remain publicly unknown until the video is leaked to Fox News in October 2016.

A photo capture of Clinton as she appears in the 2010 cybersecurity video. (Credit: Fox News)

In the video, Clinton says that employees have a “special duty” to recognize the importance of cybersecurity. “The real key to cybersecurity rests with you. Complying with department computing policies and being alert to potential threats will help protect all of us.”

According to a later account by Fox News, “Clinton goes on in the video to underscore the important work the State Department Bureau of Diplomatic Security and IT department were doing to guard against cyber-attacks. She warns hackers try to ‘exploit’ vulnerabilities and penetrate department systems. She then urges staffers to log onto the internal cybersecurity awareness website or subscribe to their ‘cybersecurity awareness newsletter.’”

Representative Jason Chaffetz (R), chair of the House Oversight and Government Reform Committee, will later find the video ironic, given Clinton’s own security issues with her private email server. He will say, “Hillary Clinton needs only to look into the mirror to find the biggest cybersecurity risk.”

Clinton spokesperson Brian Fallon will say, “This is not new. It has been widely reported that during Clinton’s tenure the State Department issued these kinds of warnings about possible cybersecurity to employees. These warnings were more than appropriate given that it was subsequently confirmed that State’s email was hacked.” (Fox News, 10/22/2016)

Around Mid-2010 and After: After contacting a Secret Service agent about frequent hacking attacks on Clinton’s server, the managers of the server apparently never contact anyone else from other government departments for help.

Justin Cooper (Credit: Alex Wong / Getty Images)

According to a September 2016 FBI report, Justin Cooper, a Bill Clinton aide who is helping to manage Clinton’s private server, contacts a Secret Service agent at some point during Clinton’s tenure as secretary of state. It is not clear when this happens, but apparently it is not long after the server begins to be frequently targeted by brute force hacking attacks around the middle of 2010.

Cooper will be asked about this in a September 2016 Congressional hearing shortly after the FBI report is published. He will say, “when we first experienced some of the repeated failed login attempts, I reported them to the Secret Service. … There was an instance where we shared some logs with [them]. … The Secret Service looked at logs from the server and made some recommendations to [server manager Bryan] Pagliano about the possible origins of those failed logins and some techniques he might use to mitigate that problem.” (The Secret Service agent will give advice on improving the server’s security that will not be followed.)

However, when Cooper is asked by Representative Blake Farenthold (R), “Did you turn over the logs and notifications that you received to the FBI, the emails of brute force attacks?” Cooper will say the FBI was not contacted.

Representative Jody Hice (Credit: Twitter)

Additionally, when Representative Jody Hice (R) asks if Cooper consulted with any other “department or agency in the government,” Cooper will say, “No. No consultations of that type.” He will also specifically mention the State Department wasn’t consulted. (US Congress, 9/13/2016)

It’s possible that Pagliano contacted others, but the FBI will interview both Cooper and Pagliano in its investigation and then will mention only the contact with the Secret Service in its final report.

The number of hacking attacks steadily grows through the rest of Clinton’s time in office. (Federal Bureau of Investigation, 9/2/2016)

Around Mid-2010 to January 2013: “Brute force” hacking attempts on Clinton’s private server begin and steadily increase, but it is unknown if any are successful.

Blake Farenthold (Credit: Bill Clark / Congressional Quarterly Roll Call)

Bryan Pagliano, the manager of Clinton’s private server while she is secretary of state, will be interviewed by the FBI in December 2015. According to an FBI report, he will claim that the server suffered no known security breaches. However, “he was aware there were many failed login attempts, which he referred to as brute force attacks. He added that the failed attempts increased over the life of the [server], and he set up the server’s logs to alert [Justin] Cooper when they occurred. Pagliano knew the attempts were potential attackers because the credentials attempting to log in did not match legitimate users on the system. Pagliano could not recall if a high volume of failed login attempts emanated from any specific country.”

The FBI report will explain, “A brute force attack is a trial-and-error method used to obtain information, such as a password… In a brute force attack, passwords may be attempted manually or automated software can be used to generate a large number of consecutive guesses as to the targeted information.” (Federal Bureau of Investigation, 9/2/2016)

Cooper, a Bill Clinton aide who helped Pagliano manage the server, will be asked about brute force attacks in a September 2016 Congressional hearing. He will respond, “I can’t say with any specificity how many had happened. They happened with some limited frequency over the period of, I’d say the last two and a half years, while she was in office. But we had developed systems to tamper these down.”

Representative Blake Farenthold (R) will ask Cooper, if the brute force attacker managed to enter the correct user name and password, “you wouldn’t have been notified, would you? You would have thought it was Mrs. Clinton or some legitimate user actually getting in?”

After further questioning, Cooper will admit that he only looked at failed attempts and didn’t check for related successful log-ins. (US Congress, 9/13/2016)
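
The gap raised in the hearing, alerting on failed logins without checking for a successful login that follows them, can be shown with a short detection script. This is an added example, not code from the server or from the FBI report; the log format, account names, addresses, threshold and time window are all assumptions.

```python
from collections import defaultdict, deque, namedtuple
from datetime import datetime, timedelta

# Constructed sample log (not from any real server). The line format is an
# assumption for this example: "<ISO time> <FAIL|OK> user=<name> src=<ip>".
SAMPLE_LOG = """\
2012-11-03T02:14:01 FAIL user=admin src=203.0.113.7
2012-11-03T02:14:03 FAIL user=administrator src=203.0.113.7
2012-11-03T02:14:05 FAIL user=test src=203.0.113.7
2012-11-03T02:14:07 FAIL user=alice src=203.0.113.7
2012-11-03T02:14:09 FAIL user=alice src=203.0.113.7
2012-11-03T02:14:30 OK user=alice src=203.0.113.7
2012-11-03T08:00:00 FAIL user=bob src=198.51.100.20
2012-11-03T08:00:20 OK user=bob src=198.51.100.20
"""

Alert = namedtuple("Alert", "kind key user src time")


def parse_line(line):
    """Split one constructed log line into (time, outcome, user, src)."""
    stamp, outcome, user_kv, src_kv = line.split()
    return (datetime.fromisoformat(stamp), outcome,
            user_kv.partition("=")[2], src_kv.partition("=")[2])


def analyze(log_text, threshold=5, window=timedelta(minutes=10)):
    """Return alerts for failure bursts and for any success that follows one.

    Failures are counted per source address and per target account, so a
    burst spread over many accounts or over many addresses is still seen.
    """
    failures = defaultdict(deque)  # ("src"|"user", value) -> failure times
    alerts = []
    for line in filter(str.strip, log_text.splitlines()):
        when, outcome, user, src = parse_line(line)
        keys = [("src", src), ("user", user)]
        # Drop failures that have aged out of the sliding window.
        for key in keys:
            queue = failures[key]
            while queue and when - queue[0] > window:
                queue.popleft()
        if outcome == "FAIL":
            for key in keys:
                failures[key].append(when)
                if len(failures[key]) == threshold:
                    alerts.append(Alert("failed_burst", key, user, src, when))
        elif outcome == "OK":
            # The check a failures-only alert never makes: did this login
            # succeed right after a burst from the same source or account?
            hot = [key for key in keys if len(failures[key]) >= threshold]
            if hot:
                alerts.append(
                    Alert("success_after_burst", hot[0], user, src, when))
                for key in hot:
                    failures[key].clear()
    return alerts


def failures_only_view(alerts):
    """What an operator sees when only failed attempts are reported."""
    return [a for a in alerts if a.kind == "failed_burst"]


if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOG):
        print(alert.time.isoformat(), alert.kind, alert.user, alert.src)
```

On the constructed log, the failures-only view reports the burst but not the login that succeeds 21 seconds later; a single mistyped password followed by a normal login raises nothing.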

Around Mid-2010: A Secret Service agent advises Pagliano to take a step to improve the security of Clinton’s private server, but the step is not taken.

After Bryan Pagliano sets up Clinton’s new private server in January 2009, he sets up Internet Protocol (IP) filtering on the firewall, once a firewall is established in late March 2009. Pagliano will later tell the FBI that he tried to review the firewall log files once a month.

The US Secret Service Badge (Credit: public domain)

At some point, Justin Cooper, a Bill Clinton aide who is helping Pagliano manage the server, puts Pagliano in contact with a US Secret Service agent. The timing of this is not clear. However, in a September 2016 Congressional hearing, Cooper will say it happened after Clinton’s server started to get frequent “brute force” hacking attacks, and that begins around the middle of 2010.

This agent recommends that Pagliano should also perform outbound filtering of email traffic. According to a September 2016 FBI report, “Pagliano further considered, but ultimately did not implement, a Virtual Private Network (VPN) or two-factor authentication to better secure administrative access to the server system by him and Cooper.”

The FBI report will explain: “‘VPN’ is a private network that runs on top of a larger network to provide access to shared network resources, which may or may not include the physical hard drives of individual computers… VPN offers an additional layer of security by encrypting the data traveling to the private network before sending it over the Internet. Data is then decrypted when it reaches the private network. … ‘Two-factor authentication’ is a method of confirming a user’s claimed identity by utilizing a combination of two different components…” (Federal Bureau of Investigation, 9/2/2016) (US Congress, 9/13/2016)

November 28, 2010: WikiLeaks releases over 250,000 State Department cables, but Clinton does not change her unsecure communication methods.

Mark Penn (Credit: PR News)

WikiLeaks, working with several major media outlets, begins publicly releasing over 250,000 diplomatic cables between the State Department and US embassies around the world. The cables date from 1966 to February 2010. None of the cables are classified at a level higher than “confidential,” the lowest classification level.

Clinton responds with the public comment, “This disclosure is not just an attack on America’s foreign policy interests, it is an attack on the international community: the alliances and partnerships, the conversations and negotiations that safeguard global security and advance economic prosperity. […] It puts people’s lives in danger, threatens our national security, and undermines our efforts to work with other countries to solve shared problems.” (USA Today, 11/29/2010) (The New York Times, 11/28/2010) 

Mark Penn, Clinton’s chief strategist for her 2008 presidential campaign, sends Clinton an email in which he recommends, “I think you need to order a full scale review and upgrading of the cyber security of the State Department immediately.” (US Department of State, 9/30/2015) 

However, despite this being the largest breach of State Department classified information in history, Clinton doesn’t change her personal communication methods, and continues to use an unsecured BlackBerry and an unsecured private email server. It is unknown if the State Department changes its cybersecurity as a whole, and if so, how.

Late 2010 or Early 2011: Clinton’s computer technician is given a briefing; this shows some know Clinton has a private server.

Bryan Pagliano giving a speech in March 2011. (Credit: public domain)

According to later released emails, Bryan Pagliano receives an IT [information technology] security briefing in late 2010 or early 2011. It has to do with cybersecurity risks facing the State Department. A letter by Charles Grassley (R) which summarizes the emails says this briefing is “in connection with his work on the Secretary’s non-government server.” Pagliano continues to run Clinton’s private email server after he is hired by the State Department in May 2009, and at least initially, his bosses and co-workers don’t know about his second job with Clinton’s server. It’s not clear who else learns about it and when. (Reuters, 3/24/2016) (US Department of State, 5/25/2016)

2011: Clinton misses a cybersecurity presentation meant just for her.

Julia Frifield (Credit: The Department of State Archives)

State Department diplomatic security staff give a cybersecurity PowerPoint presentation meant for Clinton. However, she doesn’t attend it. According to a 2016 letter by Julia Frifield, the department’s assistant secretary for legislative affairs, “although the PowerPoint indicates the briefing was for former Secretary Clinton, we understand from the testimony of the briefers that she was not in attendance.” The PowerPoint presentation has not yet been declassified so it can be publicly released. (US Senate Judiciary Committee, 3/3/2016)

2011—2014: In yearly reports, the State Department’s inspector general identifies poor cybersecurity as a “significant deficiency” that puts the Department’s information at risk.

The department has only an acting inspector general for most of this time. (The Associated Press, 6/8/2016)

January 9, 2011–January 10, 2011: Clinton’s private server is shut down after an apparent hacking attack.

Kim Jong Il (front right) posing with Bill Clinton (front left) and his delegation, Justin Cooper (back left), John Podesta (back center), Doug Band (back right), in Pyongyang on August 4, 2009, to secure the release of detained American journalists Euna Lee and Laura Ling. (Credit: Lee Jin-man / The Associated Press)

Justin Cooper is a former advisor to President Clinton who provides technical support to Clinton’s private email server. On January 9, 2011, he emails Clinton’s deputy chief of staff, Huma Abedin, that “he had to shut down the server” because he believes “someone was trying to hack us and while they did not get in I didn’t want to let them have the chance to.”

Later in the day, Cooper emails Abedin to warn her, “We were attacked again so I shut [the server] down for a few min [minutes].”

On January 10, Abedin emails Clinton’s chief of staff, Cheryl Mills, and another Clinton aide and tells them not to email “anything sensitive” to Clinton, and says she can “explain more in person.”

Department policy requires employees to report suspicious cybersecurity incidents to security officials. However, a 2016 State Department inspector general’s investigative report will find no evidence that Clinton or her staff reported this incident to anyone else within the department. (US Department of State, 5/25/2016)

March 11, 2011: A State Department security official warns Clinton and others to minimize the use of personal email accounts due to “spear phishing” attacks.

Assistant Secretary for Diplomatic Security Eric Boswell sends a memo to Clinton and other top State Department officials with the subject: “Compromise of Officials’ Personal Email Accounts.”

A sample of Eric Boswell’s memo to Clinton that is titled “Compromise of Officials’ Personal Email Accounts.” (Credit: public domain)

It states, “Threat analysis by the DS [Diplomatic Security] cyber security team and related incident reports indicate a dramatic increase since January 2011 in attempts by”—the next phrase is later redacted on the grounds of containing “foreign government information”—“to compromise the private home email accounts of senior Department officials. … Specifically, the actors are sending cleverly forged emails to victims’ private web-based accounts (e.g. Gmail, Hotmail, Yahoo). These ‘spear phishing’ messages appear to be sent by US government officials but are designed to trick recipients into activating embedded malicious code by clicking on an attachment or link. Although the targets are unclassified, personal email accounts, the likely objective is to compromise user accounts and thereby gain access to policy documents and personal information that could enable technical surveillance and possibly blackmail.”

Boswell concludes, “We urge Department users to minimize the use of personal web email for business, as some compromised home systems have been reconfigured by these actors to automatically forward copies of all composed emails to an undisclosed recipient.” (US Department of State, 11/5/2015)

Between May and July 2011, Clinton will get three emails that seem to perfectly fit Boswell’s warning. Despite this, Clinton continues to exclusively use a private email address for all her work and personal emails. (US Department of State, 10/30/2015) (US Department of State, 5/25/2016)

April and May 2011: Clinton and her top aides are warned again to minimize the use of personal emails for business due to hacker attacks.

In March 2011, State Department security officials warned Clinton and other senior officials that there was a “dramatic increase” in hacker attacks specifically targeting senior US officials. The warning concluded, “We urge department users to minimize the use of personal web email for business.”

This is followed by a cybersecurity briefing in April 2011 and then another one in May. Clinton’s immediate staff and other top officials attend the briefings, but it is not clear if Clinton herself does. However, after Clinton ends her term in 2013, a copy of a classified presentation used during one of the briefings will be found in her papers. It contains warnings similar to the March 2011 warning. (US Department of State, 5/25/2016)

May 13–14, 2011: Clinton appears to be the target of two hacking attacks, but fails to notify security about them.

William Joseph Burns (Credit: Carnegie Endowment for International Peace)

Clinton’s deputy chief of staff Huma Abedin sends an email to another close Clinton staffer to discuss Clinton’s concern that someone has been “hacking into her email” after she received an email with a suspicious link to a website with pornographic material.

The FBI will later report, “There is no additional information as to why Clinton was concerned about someone hacking into her email account or if the specific link referenced by Abedin was used as a vector to infect Clinton’s device…”

Several hours later, Clinton receives an email from the personal account of Under Secretary of State for Political Affairs William Burns that also has a link to a suspect website.

The next day, Clinton emails Burns: “Is this really from you? I was worried about opening it!” Department policy requires employees to report suspicious cybersecurity incidents to security officials. However, a 2016 State Department inspector general’s investigative report will find no evidence that Clinton or her staff reported this incident to anyone else within the department. It is unknown if either hacking attack is successful, since the incidents were not investigated at the time. (US Department of State, 5/25/2016) (Federal Bureau of Investigation, 9/2/2016)

The FBI will later be unable to determine if Clinton ever opened the attachment. But “Open source information indicated, if opened, the targeted user’s device may have been infected, and information would have been sent to at least three computers overseas, including one in Russia.” (Federal Bureau of Investigation, 9/2/2016)

In March 2011, a State Department security official warned Clinton and others that there was a dramatic increase in attempts “to compromise the private home email accounts of senior Department officials. […] Specifically, the actors are sending cleverly forged emails to victims’ private web-based accounts… These ‘spear phishing’ messages appear to be sent by US government officials but are designed to trick recipients into activating embedded malicious code by clicking on an attachment or link. […] We urge Department users to minimize the use of personal web email for business…” (US Department of State, 11/5/2015) Despite such warnings and incidents, Clinton continues to exclusively use a private email address for all her work and personal emails.

June 2011—August 2012: A US ambassador is warned not to use private email for daily work matters, but Clinton’s identical behavior does not result in any warnings.

Scott Gration (Credit: New Republic)

In June 2011, shortly after Scott Gration becomes the new US ambassador to Kenya, the State Department’s Bureau of Diplomatic Security (DS) learns that he has sent out a revised policy allowing himself and other personnel in his embassy to use private email addresses for the daily communication of official government business.

Gration’s new policy happens to take place the same month the department sends out a cable warning all embassies to “avoid conducting official department business from your personal email accounts” due to a surge in hacking attacks of the personal emails of government employees. DS warns Gration they will be sending an experienced computer security officer to Kenya to reestablish proper communications procedures. DS officials also email him that this visit will be “especially timely in the wake of recent headlines concerning a significant hacking effort directed against the private, web-based email accounts of dozens of senior [government] officials…”

However, Gration continues to use his private email for work matters. Then, on July 20, 2011, a DS cable quotes from the department’s Foreign Affairs Manual (FAM): “it is the department’s general policy that normal day-to-day operations be conducted on an authorized [system].” The cable then warns, “Given the threats that have emerged since 2005, especially in regard to phishing and spoofing of certain web-based email accounts, we cannot allow the proliferation of this practice beyond maintaining contact during emergencies,” and there is nothing in his situation that would warrant an exception.

But Gration ignores these warnings and continues to use his personal email account.

The department then initiates disciplinary proceedings against him for this and several other infractions, but he resigns in August 2012, just weeks before any disciplinary measures are due to be imposed.

However, even though Clinton uses only a private email account for all her emailed work matters, she is not warned or disciplined like Gration. Furthermore, Clinton doesn’t change her email habits after the measures taken against Gration’s email habits are reported internally and in the press.  (US Department of State, 5/25/2016) (US Department of State, 3/5/2015) (The New Republic, 6/20/2012)

June 2, 2011: The White House says all work matters need to be done on government email accounts.

Jay Carney (Credit: CNN)

White House Press Secretary Jay Carney is asked to address news reports that Chinese hackers have targeted the personal email accounts of US officials. He says, “Well, the US government policy, certainly, the administration policy that is effective here, is that all of our work is conducted on work email accounts. […] We are definitely instructed that we need to conduct all of our work on our government accounts as part of the Presidential Records Act. I’m not aware of any law or rule that suggests that government workers cannot have separate private email accounts [for personal use].” (The White House, 6/2/2011)

June 2, 2011: Chinese hackers are targeting Gmail accounts of senior US officials, but top Clinton aides keep using Gmail accounts for work.

The Google Gmail logo (Credit: Google)

Google Inc. publicly announces that hackers based in China are targeting the email accounts of senior US officials and hundreds of other prominent people. The attacks are on users of Google’s Gmail email service. If successful, the hackers are able to read the emails of their targets. (The Wall Street Journal, 6/2/2011) 

Clinton’s chief of staff Cheryl Mills conducts government work through her Gmail account. Philippe Reines, Clinton’s senior advisor and press secretary, has a government account and a Gmail account, and uses both for work. However, there’s no evidence Mills or Reines stops using Gmail for work after this news report. (Judicial Watch, 9/14/2015) (Politico, 10/5/2015) 

Furthermore, two days later, Mills indicates in an email that there was an attempt to hack her email: “As someone who attempted to be hacked (yes I was one)…” (CBS News, 9/30/2015)

Later in the month, the State Department will issue a warning to all employees not to use private emails for work, but apparently Mills and Reines still won’t stop using their Gmail accounts for work. (The Washington Post, 3/27/2016)

June 4, 2011: Cheryl Mills suggests Clinton shouldn’t “telegraph” she and her staffers use private email for work matters, and also reveals someone tried to hack her account.

Mills, Clinton’s chief of staff, is responding to a suggestion from another State Department official that someone in the department should make a public complaint about the poor state of the department’s email system. Mills writes, “As someone who attempted to be hacked (yes I was one), I am not sure we want to telegraph how much folks do or don’t do off state mail [because] it may encourage others who are out there.” (Bloomberg News, 10/1/2015) (US Department of State, 9/30/2015) 

Just two days earlier, Google gave a public warning that Chinese hackers were targeting US government officials using Google’s Gmail email service, and Mills uses a Gmail account for some work matters, in addition to her department email account. (The Wall Street Journal, 6/2/2011) (Judicial Watch, 9/14/2015)

June 28, 2011: State Department employees are warned not to do government work on private email accounts due to a hacking threat.

A department cable issued under Clinton’s signature orders all employees to “Avoid conducting official Department business from your personal email accounts” because it has been discovered that hackers are targeting the personal emails of government employees. (The Washington Post, 3/10/2015) (US Department of State, 3/5/2015) 

This comes in response to reports that Gmail accounts of government workers had been targeted by “online adversaries.”

However, Clinton herself ignores the warning and continues to use her unsecure BlackBerry and her private server. (The Washington Post, 3/27/2016)

In a July 2016 FBI interview, Clinton will claim that “she did not recall this specific notice, and she did not recall receiving any guidance from State regarding email policies outlined in the State FAM [Foreign Affair Manual].” (Federal Bureau of Investigation, 9/2/2016)

July 26, 2011: Clinton jokes about Chinese hackers but doesn’t take steps to combat the hacking.

Clinton types on her phone during a visit to Brasilia, Brazil, in April, 2012. (Credit: CNN)

In June 2011, Google Inc. publicly warned that hackers based in China were targeting the Gmail email accounts of senior US officials. (The Wall Street Journal, 6/2/2011) On this day, Clinton shows awareness of the problem through a joke.

Another State Department official sends Clinton an email, and some confusion results about the official’s two email accounts.

Clinton writes, “I just checked and I do have your state but not your Gmail – so how did that happen. Must be the Chinese!” (US Department of State, 9/3/2015)  

After that official says “You’ve always emailed me on my State email,” Clinton jokes again, “Weird since my address book only has your Gmail. Maybe the Chinese hacked it and focused on you!”  (US Department of State, 10/30/2015)

But despite this awareness, and a State Department warning, sent out in Clinton’s name, not to use any private email addresses due to the problem, Clinton apparently fails to make any changes to her own private email use and security set-up. (The Washington Post, 3/27/2016)

July 27, 2011: Clinton appears to be targeted by a “spear phishing” email.

Neera Tanden (Credit: Andrew Harrer / Bloomberg News)

Clinton receives an email that purports to be from Neera Tanden, the president of the Center for American Progress. The subject heading is “Exclusively For You.” The text of the short email says, “Look what I’ve found”—an Internet link follows—“Here is a very nice offer. Enjoy.”

Clinton replies, “Neera–did you send me this? If not, I think your email address book has been hacked. If so, why? Anyway, hope you’re well.” (US Department of State, 10/30/2015)

In February 2011, a State Department security official warned Clinton and others that there was a dramatic increase in attempts “to compromise the private home email accounts of senior Department officials. […] Specifically, the actors are sending cleverly forged emails to victims’ private web-based accounts… These ‘spear phishing’ messages appear to be sent by US government officials but are designed to trick recipients into activating embedded malicious code by clicking on an attachment or link. […] We urge Department users to minimize the use of personal web email for business…” (US Department of State, 11/5/2015)

Clinton apparently was the target of two other “spear phishing” attacks in May 2011, and she was warned again in June 2011 that the personal emails of government employees were being targeted by hackers. (US Department of State, 3/5/2015) (US Department of State, 5/25/2016)

The email from Tanden appears to perfectly fit this warning, and likely was not intentionally sent by Tanden at all. It is unknown if Clinton clicked on the link before realizing the email was bogus. Despite such warnings and this incident, Clinton continues to exclusively use a private email address for all her work and personal emails.

August 3, 2011: Hackers linked to Russia try at least five times to break into Clinton’s private email account.

Between 1:44 a.m. and 5:26 a.m., five very similar emails are sent to her account, disguised as speeding tickets. The headings on all five emails read, “UNIFORM TRAFFIC TICKET,” and they come from different nyc.gov email addresses. The emails instruct Clinton to print out an attachment. If she does so, hackers would be able to take over her computer.

CBS News will later report, “It is unclear whether she clicked on any attachment and exposed her account, but the syntax, misspelling, and formatting errors in the emails would have given Clinton a strong indication that these were phishing emails.”

“Phishing” is when “spam” emails are sent out in large numbers in an attempt to trick people into divulging critical personal information. If someone replies to this attempt, the results would be sent to at least three computers overseas, including one in Russia. That does not mean the Russian government was involved. A Clinton spokesperson will later say that there is no evidence Clinton ever opened the attachments. “All these emails show is that, like millions of other Americans, she received spam.” (CBS News, 9/30/2015)

2012: Clinton’s private server is vulnerable to a hacker attack described in a government warning.

Marc Maiffret (Credit: Fox News Business)

The Homeland Security Department’s Computer Emergency Readiness Team issues a warning about remote access attacks that would allow hackers to take control of computers. The warning notes that “An attacker with a low skill-level would be able to exploit this vulnerability.”

In 2015, the Associated Press will report that Clinton’s private email server could have been vulnerable to a hostile takeover by this very type of attack. Clinton’s server appears to have lacked encrypted protections, and could accept commands from computers over the Internet.

Marc Maiffret, who founded two cybersecurity companies, will later comment, “That’s total amateur hour. […] Real enterprise-class security, with teams dedicated to these things, would not do this.”

Another cybersecurity expert, Justin Harvey, will comment that Clinton’s server “violates the most basic network-perimeter security tenets: Don’t expose insecure services to the Internet.” (The Associated Press, 10/13/2015)

2012: Clinton’s private server is still run on software newly prohibited by the State Department.

At some point in 2012, the State Department bans the use of remote-access software for its technology officials to maintain unclassified servers, unless a waiver is given. It also bans all instances of remotely connecting to classified servers. However, according to records from December 2012, Clinton’s private email server continues to use remote-access software, and no evidence of a waiver allowing this has yet emerged.

Computer security expert Mikko Hypponen will say in 2015 that the use of remote-access software on her server was “clearly serious” and could have allowed hackers to run malicious software on it. (The Associated Press, 10/13/2015)

March 18, 2012: An email chain shows Clinton asking Pagliano for help when she has trouble getting her emails.

There is an email chain this day started by Clinton, with all emails in it between Clinton, Justin Cooper, Bryan Pagliano, and Oscar Flores. Cooper (a Bill Clinton aide) and Pagliano (a State Department official) are jointly managing Clinton’s private server, with Cooper doing more of the customer service and Pagliano more of the technical aspects. Flores helps manage Clinton’s home in Chappaqua, New York, where the server is located.

Clinton begins the email chain with the subject heading “Help!” She writes: “Once again, I’m having BB [BlackBerry] trouble. I am not receiving emails although people are getting ones I send but I get their replies on my IP [iPad]. I’ve taken out the battery and done what I know to do but with no luck yet any ideas?”

Cooper sends two replies trying to solve the problem, with Clinton giving a short reply to one of them.

Hillary Clinton (Credit: Robert Shiro / The Associated Press) and Bryan Pagliano (Credit: Fox News)

Then Pagliano writes, “Let me take a look at the server to see if it offers any insight. iPhone is not much different from iPad, however in both cases the security landscape is different from the BlackBerry. -Bryan”

Then Clinton replies, “Thanks again. I’m back in business.” (US Department of State, 10/12/2016)

None of these five emails will be included in the 30,000 work-related emails Clinton gives the State Department in December 2014, even though the inclusion of Pagliano, a department official, in the chain makes them work-related. (One email that will be included is simply Pagliano wishing Clinton a happy birthday in 2012.) Instead, one of the emails in the chain will be later recovered by the FBI from Clinton’s deleted emails (with the text of the other four emails included in the reply).

These emails will be released to Judicial Watch on October 12, 2016, in response to a Freedom of Information Act (FOIA) lawsuit, and Judicial Watch will make them public on October 19, 2016. (US Department of State, 10/12/2016)

Ironically, in the same time frame, on October 13, 2016, Clinton’s written responses to a court deposition will be made public. In one answer, she will write: “Secretary Clinton states that she does not recall having communications with Bryan Pagliano concerning or relating to the management, preservation, deletion, or destruction of any emails in her clintonemail.com email account.” (Judicial Watch, 10/13/2016)

All of the emails between Clinton and Pagliano may never be found, since the FBI could only recover about half of Clinton’s deleted emails, and the file containing all of Pagliano’s emails from his time working at the State Department was mysteriously lost.

March 30, 2012—March 31, 2012: Clinton’s BlackBerry emails could be intercepted by Saudi Arabia while she visits that country.

Clinton meets with King Abdullah bin Abdulaziz Al Saud of Saudi Arabia on March 30, 2012. (Credit: US Embassy Riyadh)

Clinton travels to Riyadh, Saudi Arabia, from March 30 to 31, 2012. (US Department of State, 3/30/2012)

This is notable because a September 2016 FBI report will reveal that Clinton regularly used her unsecure BlackBerry while outside the US, including sending and/or receiving “hundreds” of emails containing classified information. (Federal Bureau of Investigation, 9/2/2016)

Furthermore, in August 2010, it was reported that Research in Motion (RIM), the company that makes BlackBerrys, agreed to locate three computer servers within Saudi Arabia, “putting them under the jurisdiction of local security forces,” according to an article at the time by the Register.

Headquarters of Research In Motion (RIM) located in Waterloo, Ontario (Credit: public domain)

The effective result is that the Saudi government was able to intercept emails that have to briefly pass through the servers. RIM did not want to agree to this, but the Saudi government briefly suspended BlackBerry service until RIM gave in. Even emails sent through Saudi Arabia using personal encryption keys could be easily intercepted due to this agreement. (The Register, 8/9/2010)

Clinton is sent emails virtually every day, and her days in Saudi Arabia are no exception. One email classified at the “confidential” level is sent to Clinton on March 31, 2012, though it’s not clear if she is in Saudi Arabia at the time or not. The email concerns politics in Sudan and South Sudan. (US Department of State, 1/29/2016)

August and December 2012: An Internet-wide hacker attack makes Clinton’s private server even more vulnerable.

An anonymous hacker using a computer in Serbia scans hundreds of millions of Internet addresses for accessible openings, called “ports.” Clinton’s private server is scanned by this hacker in August 2012 and again in December. The hacker’s millions of results are then made widely available on-line. It is unknown if anyone looking at this data figures out if the server belongs to Bill and Hillary Clinton, although the name “clintonemail.com” is a clue. (The Associated Press, 10/13/2015)

January 2013—May 31, 2013: Clinton uses an agent to find new management for her private server.

Tania Neild (Credit: public domain)

Tania Neild runs a company called InfoGrate that connects very wealthy people with companies who oversee their personal technologies, such as emails, and her company is based only about twenty miles from Clinton’s New York house. (Politico, 11/10/2015) (The Washington Post, 9/5/2015) 

An FBI report will later state that “due to user limitations and reliability concerns regarding the [existing] server, staff for [Hillary] Clinton and President [Bill] Clinton discussed future email server options, and a search was initiated to find a vendor to manage a Clinton email server. Additionally, [Clinton’s computer technician Bryan] Pagliano’s expressed desire to seek new employment contributed to the decision to move to a new server.”

Clinton will also be interviewed, and she will recall “that the transition to [a new company] was initiated by President Clinton’s aides seeking a higher level of service than could be provided by the [existing] server.”

Around January 2, 2013, Neild is introduced to Clinton’s chief of staff Cheryl Mills through an unnamed mutual business associate. Neild will later tell the FBI that she worked with Mills and Pagliano to produce a proposal to solicit responses from multiple companies. (Federal Bureau of Investigation, 9/2/2016)

In January 2013, Platte River Networks, a small company based in Colorado, is told by Neild they are in the running for a new contract. In mid-February, they find out they are a finalist for the contract, and that they might be working for Clinton. They will be hired by Clinton to manage her private server on May 31, 2013. (Politico, 11/10/2015) (The Washington Post, 9/5/2015)

Alex McGeorge (Credit: Newsmax)

Pagliano will later tell the FBI who made the final decision to pick Platte River. But this person’s name will be redacted, and only identified as someone working for President Clinton. (Federal Bureau of Investigation, 9/2/2016)

In retrospect, the choice of Platte River will seem to be an odd one. Cybersecurity expert Alex McGeorge will later comment, “My big issue here is do you want a small firm with little/no government experience or contracting (according to what’s being reported) and no stated security expertise to be in charge of the email system for our secretary of state? That is fundamentally ridiculous.” (Business Insider, 8/17/2015)

January 5, 2013: Someone accesses the email account of one of Bill Clinton’s staffers on the private server used to host Hillary Clinton’s emails.

The Tor Logo (Credit: public domain)

This is according to an FBI report that will be released in September 2016. It is known that the staffer whose account gets breached is female, but her name will be redacted. The unnamed hacker uses the anonymity software Tor to browse through this staffer’s messages and attachments on the server.

The FBI will call this the only confirmed “successful compromise of an email account on the server.” But the FBI will not be able to determine who the hacker is or how the hacker obtained the staffer’s username and password to access her account. (Federal Bureau of Investigation, 9/2/2016)

Wired will later comment, “The compromise of a Bill Clinton staffer—who almost certainly had no access to any of then-Secretary Clinton’s classified material—doesn’t make the security of those classified documents any clearer. But it will no doubt be seized on by the Clintons’ political opponents to raise more questions about their server’s security.”

Dave Aitel (Credit: Immunity)

Clinton’s computer technician Bryan Pagliano is in charge of monitoring the server’s access logs at the time.

But Dave Aitel, a former NSA security analyst and founder of the cybersecurity company Immunity, will later comment that the breach shows a lack of attention to the logs. “They weren’t auditing and restricting IP addresses accessing the server. That’s annoying and difficult when your user is the secretary of state and traveling all around the world… But if she’s in Russia and I see a login from Afghanistan, I’d say that’s not right, and I’d take some intrusion detection action. That’s not the level this team was at.” (Wired, 9/2/2016)

When Pagliano is interviewed by the FBI in December 2015, he will claim that he knew of no instance when the server was successfully breached, suggesting he didn’t know about this incident. (Federal Bureau of Investigation, 9/2/2016)

And when Justin Cooper, a Bill Clinton aide who helped Pagliano manage the server, is asked about the incident in September 2016, he will say he knew nothing about it until he read about it in the FBI report released earlier that month. (US Congress, 9/13/2016)
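
The kind of log audit Aitel describes can be sketched in a few lines. This is an added example, not part of the original timeline and not code used on the server: each successful login is compared against where the user is expected to be and against a list of Tor exit addresses. The log format, user names, address-to-country table, itinerary and Tor list are all constructed assumptions, using documentation-only IP ranges.

```python
import ipaddress
from datetime import date

# Everything below is constructed sample data (RFC 5737 documentation ranges).
GEO = {"192.0.2.0/24": "RU", "198.51.100.0/24": "AF", "203.0.113.0/24": "US"}
TOR_EXITS = {"203.0.113.77"}   # stand-in for a published exit-node list
HOME = {"principal": "US", "staffer": "US"}
ITINERARY = {"principal": [(date(2024, 3, 9), date(2024, 3, 12), "RU")]}

LOG = """\
2024-03-10 principal 192.0.2.10 LOGIN_OK
2024-03-10 principal 198.51.100.20 LOGIN_OK
2024-03-10 staffer 203.0.113.77 LOGIN_OK
2024-03-10 staffer 203.0.113.5 LOGIN_OK
2024-03-10 staffer 198.51.100.9 LOGIN_FAIL
"""

def country_of(ip):
    """Map an address to a country code; None when the location is unknown."""
    addr = ipaddress.ip_address(ip)
    for net, cc in GEO.items():
        if addr in ipaddress.ip_network(net):
            return cc
    return None

def expected_countries(user, day):
    """Where the user may log in from: the trip country while travelling, else home."""
    trips = {cc for start, end, cc in ITINERARY.get(user, []) if start <= day <= end}
    return trips or {HOME[user]}

def audit(log_text):
    """Return (day, user, ip, reasons) for each successful login worth reviewing."""
    alerts = []
    for line in log_text.splitlines():
        day, user, ip, result = line.split()
        if result != "LOGIN_OK":
            continue  # failed attempts belong to a separate brute-force check
        reasons = []
        if ip in TOR_EXITS:
            reasons.append("tor-exit")
        cc = country_of(ip)  # an unknown location (None) is flagged, not trusted
        if cc not in expected_countries(user, date.fromisoformat(day)):
            reasons.append(f"unexpected-country:{cc}")
        if reasons:
            alerts.append((day, user, ip, reasons))
    return alerts

if __name__ == "__main__":
    for alert in audit(LOG):
        print(alert)
```

The Tor login in the sample comes from an address in the user’s expected country, so the location check alone would pass it; only the exit-list check flags it.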

February 2013—June 2013: At least one manager of Clinton’s server does very little during a transition phase, despite the Guccifer hack threat.

At the end of Clinton’s tenure as secretary of state in February 2013, her private server is still being managed by Bryan Pagliano and Justin Cooper, with Pagliano doing most of the technical work and Cooper doing most of the customer service work. The management of the server will be taken over by the Platte River Networks (PRN) computer company in June 2013. It seems possible that the server is not as actively managed in the months in between.

Justin Cooper testifies to the House Oversight and Government Affairs Committee on September 13, 2016. (Credit: Alex Wong / Getty Images)

In September 2016, Cooper will be questioned by a Congressional committee. Representative Jason Chaffetz (R) will ask him, “[Y]ou stepped back from the day-to-day activities with the Clintons about the time of the transition, is that correct? As she left office?”

He will reply, “Yes.”

When asked about his knowledge of what happened to server security after the hacker known as Guccifer broke into the email account of a Clinton confidant and publicly exposed Clinton’s email address on the server in March 2013, Cooper will reply, “At that point in time I was transitioning out of any role or responsibility with the server as various teams were selecting Platte River Networks to take over the email services and I don’t know that I had any sort of direct response.”

Additionally, when Cooper is asked about his contact with PRN, he will say, “My interaction was handing over user names and passwords and that was the totality of the interaction I’ve had. I’ve never had interaction with them.” (US Congress, 9/13/2016)

It is not known if Pagliano similarly cuts down his involvement with managing the server during this time, since he has refused to publicly comment about his experiences. The FBI has mentioned nothing about the management of Pagliano or Cooper during this time period. (Federal Bureau of Investigation, 9/2/2016)

March 15, 2013—March 21, 2013: Clinton’s private server is repeatedly scanned from Russia shortly after Guccifer’s hack revealed her server domain.

On March 14, 2013, the Romanian hacker known as Guccifer broke into the email account of Clinton confidant Sid Blumenthal and learned Clinton’s private email address and thus her clintonemail.com server domain.

A September 2016 FBI report will reveal that “An examination of log files [of Clinton’s server] from March 2013 indicated that IP addresses from Russia and Ukraine attempted to scan the server on March 15, 2013, the day after the Blumenthal compromise, and on March 19 and March 21, 2013. However, none of these attempts were successful, and it could not be determined whether this activity was attributable to [Guccifer].” (Federal Bureau of Investigation, 9/2/2016)

Shortly after March 15, 2013: Cheryl Mills expresses concerns to Bryan Pagliano about the security of Clinton’s private email server after the Guccifer hack.

On March 14, 2013, the Romanian hacker nicknamed Guccifer broke into the email account of Clinton confidant Sid Blumenthal and made Clinton’s private email address public. Cheryl Mills was Clinton’s chief of staff until January 2013, when both she and Clinton left the State Department. But Mills continues to assist Clinton, and in August 2016 she will mention in written answers to a Freedom of Information Act (FOIA) lawsuit that she was concerned at this time about how the Guccifer hack could impact the running of Clinton’s private email server.

She says she discussed the issue with Bryan Pagliano, Clinton’s computer technician “in or around March 2013, when the email account of Sidney Blumenthal was compromised by a hacker known as Guccifer. As I recall, these discussions involved whether this event might affect Secretary Clinton’s email.”

Clinton changed her email address several days after the Guccifer hack was discovered. However, the server continued to operate and her new email address was also hosted on the same server. It is still unknown whether Pagliano or anyone else took any other security steps in response to the hack. (Politico, 8/10/2016)

March 20, 2013: Gawker publishes an article that reveals Clinton’s use of a private email address and notes it “could be a major security breach.”

The article notes that the hacker nicknamed Guccifer broke into the email account of Clinton confidant Sid Blumenthal. “[W]hy was Clinton apparently receiving emails at a non-governmental email account? The address Blumenthal was writing to was hosted at the domain ‘clintonemail.com’, which is privately registered via Network Solutions. It is most certainly not a governmental account. […] And there seems to be little reason to use a different account other than an attempt to shield her communications with Blumenthal from the prying eyes of FOIA [Freedom of Information Act] requesters.

Neither the State Department nor the White House would immediately comment on whether the White House knew that Blumenthal was digitally whispering in Clinton’s ear, or if the emails were preserved as the law requires. And if, as it appears, Blumenthal’s emails contained information that was classified, or ought to have been treated as such, it could be a major security breach for Clinton to have allowed it to be sent to her on an open account, rather than through networks the government has specifically established for the transmission of classified material.” (Gawker, 3/20/2013)

May 3, 2013: In a public speech, Under Secretary of State for Political Affairs Wendy Sherman says Clinton conducts diplomacy on her unsecure BlackBerry.

Wendy Sherman giving a speech on May 3, 2013. (Credit: public domain)

Sherman says that technology “has changed the way diplomacy is done. […] Things appear on your BlackBerrys that would never be on an unclassified system, but you’re out traveling, you’re trying to negotiate something, you want to communicate with people – it’s the fastest way to do it.” She recalls the 2011 United Nations General Assembly, during which Clinton and European diplomat Catherine Ashton negotiated. “They sat there as they were having the meeting with their BlackBerrys transferring language back and forth between them and between their aides to multitask in quite a new fashion.”

The Hill will later note that Sherman’s comments “suggest that diplomats across the [State Department] routinely declined to use special protections for classified information to prioritize convenience.” (The Hill, 1/26/2016) 

Former NSA counterintelligence officer John Schindler will later make the general observation, “The State Department has a longstanding reputation for being less than serious about security, and its communications have often wound up in foreign hands. It’s something of a tradition at [State Department headquarters], to the chagrin of the Intelligence Community…” (The New York Observer, 1/28/2016)