Around June 2008: Clinton’s first private email server is set up in her house.

080601ApplePowerMcIntoshG4

The Apple Power Macintosh G4 Server (Credit: public domain)

According to the FBI, around 2007, Justin Cooper purchased an Apple OS X server. Cooper is a personal aide to former President Bill Clinton at the time. On February 1, 2008, the domain names clintonemail.com, wjcoffice.com, and presidentclinton.com were registered, but apparently the server that uses them won’t be operational until a few months later. The server is physically located in a house in Chappaqua, New York, where Bill and Hillary Clinton live.

The server consists of an Apple Power Macintosh G4 or G5 tower and an HP printer. According to Cooper, around June 2008, an Apple employee installs the server in the basement of the Chappaqua house. Cooper is the only person with administrative access to the server. However, the Clinton family and their house staff have physical access to it.

Hillary Clinton uses her att.blackberry.net email account as her primary email address until around mid-to-late January 2009 when she will switch to a newly created hdr22@clintonemail.com account hosted on this server. (Federal Bureau of Investigation, 9/2/2016)

October 2013: Clinton’s server gets anti-hacking protection after going several months without any.

The CloudJacket Logo (Credit: public domain)

The CloudJacket Logo (Credit: public domain)

From late June 2013 until October 2013, Platte River Networks (PRN) is managing the server, apparently without any anti-hacking software. In October 2013, the software they have been waiting for arrives and is installed. This is an intrusion detection and prevention system called CloudJacket from SECNAP Network Security.

According to a later FBI report, it “had pre-configured settings that blocked or blacklisted certain email traffic identified as potentially harmful and provided real-time monitoring, alerting, and incident response services. SECNAP personnel would receive notifications when certain activity on the network triggered an alert. These notifications were reviewed by SECNAP personnel and, at times, additional follow-up was conducted with PRN in order to ascertain whether specific activity on the network was normal or anomalous. Occasionally, SECNAP would send email notifications to [an unnamed PRN employee], prompting him to block certain IP addresses. [This employee] described these notifications as normal and did not recall any serious security incident or intrusion attempt.”

Additionally, “PRN also implemented two firewalls for additional protection of the network. [This PRN employee] stated that he put two firewalls in place for redundancy in case one went down.”

The FBI report will also conclude, “Forensic analysis of alert email records automatically generated by CloudJacket revealed multiple instances of potential malicious actors attempting to exploit vulnerabilities on the PRN Server. FBI determined none of the activity, however, was successful against the server.” (Federal Bureau of Investigation, 9/2/2016)

 

March 2, 2015: The company managing Clinton’s server tightens security on the server after its existence is exposed.

On the morning of March 2, 2015, a front-page New York Times article reveals Clinton’s use of her own private email server. Platte River Networks (PRN) is managing the server.

Bill Thornton (Credit: public domain)

Bill Thornton (Credit: public domain)

Later in the day, PRN employee Bill Thornton writes in an internal company email, “I spent some time in their firewall just now locking everything down (pretty tight).” (The New York Post, 9/18/2016)

However, on March 4, 2015, an analysis of the server’s publicly visible settings will show it has a misconfigured encryption system. Further articles the next day will expose more security vulnerabilities.

PRN will make more changes to improve the server’s security around March 7, 2015.