March 18, 2015: The DIA’s former chief technology officer says: “I have no doubt in my mind that [Clinton’s server] was penetrated by multiple foreign powers.”

Bob Gourley (Credit: public domain)

Bob Gourley (Credit: public domain)

He adds, “To assume otherwise is to put blinders on.” This is according to Bob Gourley, who was the chief technology officer at the DIA [Defense Intelligence Agency] from 2005 to 2008 and is the founder of Cognitio, a cybersecurity consulting firm. (Bloomberg News, 3/18/2015)

March 18, 2015: Clinton’s team won’t answer basic questions about the security of her private server.

John A. Lewis (Credit: John Hopkins University)

John A. Lewis (Credit: John Hopkins University)

Clinton spokesperson Nick Merrill claims that when Clinton set up her private email server, “Robust protections were put in place and additional upgrades and techniques were employed over time as they became available. There was never evidence of a breach, nor any unauthorized intrusions.”

However, Merrill declines to say who exactly was in charge of maintaining the server and ensuring its security. Furthermore, it’s unclear what sort of security vetting that person or persons received, if any. Additionally, Merrill won’t reveal if other departments that protect government communications, such as the FBI or the NSA, were ever told of the server’s existence, and if so, if they helped provide security for it.

James A. Lewis, who held senior technology posts at the White House and State Department, comments that emails “that run on commercial services are vulnerable to collection. […] I don’t think people realize how much of this information is available to foreign intelligence services.” (Bloomberg News, 3/18/2015)

Contrary to Merrill’s claim, a May 2016 State Department inspector general report will reveal that there were hacker attacks on Clinton’s server.

May 15, 2015: Former Deputy CIA Director Michael Morrell says he believes some foreign intelligence agencies possess the contents of Clinton’s private email server.

Deputy CIA Director Michael Morrell (Credit: Time)

Deputy CIA Director Michael Morrell (Credit: Time)

He says, “I think that foreign intelligence services, the good ones, have everything on any unclassified network that the government uses.” (Politico, 5/15/2015) Morrell was acting CIA director twice under President Obama before retiring in 2013.

August 2, 2015: Tyler Drumheller, a former CIA officer, dies at 63 years of age of pancreatic cancer.

Tyler Drumheller (Credit: C-Span)

Tyler Drumheller (Credit: C-Span)

Although Drumheller retired from the CIA in 2005 after 25 years of service, he seems to have had access to intelligence information that got passed on to Clinton through emails sent to her by private citizen Sid Blumenthal. Drumheller and Blumenthal were business partners at least in 2011, and there are suspicions that during Clinton’s time as secretary of state, Blumenthal essentially ran a private intelligence service for Clinton using information from Drumheller. (The New York Times, 8/2/2015)

John Schindler, a former NSA counterintelligence officer, will later claim that Drumheller “was never particularly popular at CIA and he left Langley under something of a cloud. His emails to Mr. Blumenthal, which were forwarded to Ms. Clinton, were filled with espionage-flavored information about events in Libya. In many cases, Mr. Drumheller’s reports were formatted to look exactly like actual CIA reports, including attribution to named foreign intelligence agencies. How much of this was factual versus Mr. Drumheller embellishing his connections is unclear.” Schindler adds that answers to questions about Drumheller’s role may never be known due to his death. (The New York Observer, 10/19/2015)

September 2, 2015: It is widely believed foreign governments have intercepted Clinton’s emails.

The Daily Beast reports on Clinton’s email scandal, “There’s a widely held belief among American counterspies that foreign intelligence agencies had to be reading the emails on Hillary’s private server, particularly since it was wholly unencrypted for months. ‘I’d fire my staff if they weren’t getting all this,’ explained one veteran Department of Defense counterintelligence official, adding: ‘I’d hate to be the guy in Moscow or Beijing right now who had to explain why they didn’t have all of Hillary’s email.’ Given the widespread hacking that has plagued the State Department, the Pentagon, and even the White House during Obama’s presidency, senior counterintelligence officials are assuming the worst about what the Russians and Chinese know.”

An unnamed senior official who is “close to the investigation” says, “Of course they knew what they were doing, it’s as clear as day from the emails. I’m a Democrat and this makes me sick. They were fully aware of what they were up to, and the Bureau knows it.” (The Daily Beast, 9/2/2015)

January 28, 2016: It is claimed that Russian intelligence must have gotten the contents of Clinton’s emails.

This is according to an unnamed former high-ranking Russian intelligence officer. This officer says, “Of course the SVR got it all.” (The SVR, Sluzhba Vneshney Razvedki, is the successor intelligence agency to the KGB.) He adds, “I don’t know if we’re as good as we were in my time, but even half-drunk, the SVR could get those emails. They probably couldn’t believe how easy Hillary made it for them.” (The New York Observer, 1/28/2016)

January 30, 2016: It is revealed that four emails from Sid Blumenthal to Clinton have been entirely redacted.

This is notable because at the time Clinton is secretary of state, Blumenthal is a private citizen (and journalist and Clinton Foundation employee) with no government security clearance at the time. Dozens of other Blumenthal emails have been partly redacted, but here are the four fully redacted ones, with only the subject headings known:

  • June 23, 2009, titled “N. Ireland/Shaun.” This is a likely reference to Shaun Woodward, who is the secretary of state for Northern Ireland at the time.
  • June 20, 2011, titled “memo hrc Bahrain/Iran.” This is redacted because it contains information related to foreign activities.
  • June 28, 2012, titled “some intel on internal german/euro maneuvering.”
  • August 3, 2012. This email is entirely redacted except for the statement that the email contains information from “sources with access to the highest levels of the Governments and institutions.”

Twenty-two emails have been deemed “top secret,” so no details whatsoever about them have been made public. It is not known if any of them were sent by Blumenthal. (The Daily Caller, 1/30/2016) 

The New York Observer comments, “How Mr. Blumenthal, who held no US Government position after January 2001, when Bill Clinton left the White House, had access to classified information a decade after that is not explained.” Furthermore, “Since Mr. Blumenthal’s emails were illegally accessed by a private hacker [Guccifer, in March 2013], they can be safely assumed in to be in the hands of numerous foreign intelligence services.” (The New York Observer, 2/1/2016)

February 24, 2016: Former CIA Director Michael Hayden suggests that Clinton’s private server was almost certainly hacked by foreign governments.

CIA Director Michael Hayden (Credit: GovTechWorks)

CIA Director Michael Hayden (Credit: GovTechWorks)

Hayden is the only person ever to head both the National Security Agency (NSA) and the CIA. He says, “I would lose all respect for a whole bunch of foreign intelligence agencies if they weren’t sitting back, paging through the emails” of Clinton.

He adds, “Once you’ve set it up [as she did], nobody has to be stupid, lazy, unintelligent—it’s gone bad. You’re going to end up with information on this private server that just shouldn’t be there, let alone all the questions about preserving government records. […] How much energy would I expend if I were still director of the National Security Agency and someone told me I could get access to the unclassified email server of [Russian Foreign Minister] Sergei Lavrov? I’d move heaven and Earth to do that. And here you’ve got these private, intimate conversations by a senior official of the US government sitting out there in what I would call an unprotected environment.”

Hayden was appointed head of the NSA by President Bill Clinton and then head of the CIA by President George W. Bush. (USA Today, 2/24/2016)

March 4, 2016: A former NSA senior intelligence analyst claims concerns about Clinton’s email account getting hacked misses a bigger threat.

Computers in the White House Situation Room, with a yellow screensaver, indicating they are connected to a TOP SECRET/SCI computer network. (Credit: Screenshot from White House video)

Computers in the White House Situation Room, with a yellow screensaver, indicating they are connected to a TOP SECRET/SCI computer network. (Credit: Screenshot from White House video)

John Schindler, who spent time as the technical director of the NSA’s largest operational division, says that instead of focusing on hacking, foreign governments more often collect signals intelligence, or SIGINT remotely through high-tech means such as spy satellites.

He asserts that “unencrypted IT systems don’t need ‘hacking’—normal SIGINT interception will suffice. Ms. Clinton’s ‘private’ email, which was wholly unencrypted for a time, was incredibly vulnerable to interception, since it was traveling unprotected on normal commercial networks, which is where SIGINT operators lurk, searching for nuggets of gold. They hunt for data with search terms called ‘selectors’—a specific phone number, a chatroom handle, an email address: here Ms. Clinton’s use of the ‘clintonmail.com’ server was the SIGINT equivalent of waving a huge ‘I’m right here’ flag at hostile intelligence services. Since the number of spy agencies worldwide capable of advanced SIGINT operations numbers in the many dozens, with Russia and China in the top five, that Ms. Clinton’s emails wound up in the wrong hands is a very safe bet, as any experienced spy will attest.” (The New York Observer, 3/4/2016)

May 18, 2016: Director of National Intelligence James Clapper warns Clinton and Trump their campaign networks are being hacked.

Director of National Intelligence James Clapper (Credit: ABC News)

Director of National Intelligence James Clapper (Credit: ABC News)

Clapper publicly comments, “We’ve already had some indications” of hacking on the computer networks of the two frontrunners in the presidential race. He warns, “We’ll probably have more.” He suggests the hackers could be working for foreign governments.

V. Miller Newton, who advises federal agencies on data security, says foreign spying on campaign sites is inevitable. “These campaigns are not working on encrypted platforms. It’s a matter of when, and how serious of an impact it is going to have on this election.” (The Associated Press, 5/18/2016

It will later emerge that a hacking attack on the DNC [Democratic National Committee] was already discovered, in late April 2016, after staffers noticed unusual activity on the DNC’s computer network. (McClatchy Newspapers, 6/14/2016)

June 14, 2016: Hackers allegedly linked to the Russian government broke into the DNC’s files.

Democratic National Committee headquarters in Washington, DC. (Credit: public domain)

Democratic National Committee headquarters in Washington, DC. (Credit: public domain)

The Washington Post reports that the emails, text messages, and other computer files of The DNC [Democratic National Committee] were accessed by two groups allegedly linked to Russia. Opposition research on Republican presidential candidate Donald Trump was stolen.

One group known as Cozy Bear broke into the DNC’s network a year ago and maintained access without getting caught. The other group known as Fancy Bear, apparently working independently, did so much more recently. These same hackers also probed the networks of both the Trump and Clinton campaigns, as well as some Republican political action committees, but it is unknown if those attacks succeeded.

The first hacking group typically uses “spear phishing” to gain access. This is when an email appears to come from a someone the recipient knows but actually is meant to trick that person into activating embedded malicious code by clicking on an attachment or link. (Wired, 6/14/2016) (The Washington Post, 6/14/2016

Forbes comments that the “Holy Grail of Russian intelligence is uncovering compromising material that can be used to embarrass, manipulate, or blackmail foreign political leaders.” Furthermore, “If the DNC’s cyber secrets are open to Russian intelligence hackers, the odds are overwhelming that they have Clinton’s private emails as well, especially given that Clinton’s private server was a target of the highest value.” This means Clinton could be blackmailed or otherwise manipulated by Russia as well. Forbes also notes how both cases involved spear phishing. (Forbes, 6/14/2016) 

Clinton was targeted by spear phishing at least three times, twice in May 2011, and once in July 2011. It is unknown if any of those attacks succeeded. (US Department of State, 10/30/2015) (US Department of State, 3/5/2015) (US Department of State, 5/25/2016)

June 16, 2016: Recent alleged Russian hacking attacks appear to have focused on Clinton and the DNC and not other presidential campaigns.

SecureWorks Logo (Credit: SecureWorks)

SecureWorks Logo (Credit: SecureWorks)

SecureWorks is a cybersecurity company that apparently has been hired to investigate recent leaks targeting US government officials, departments, and related entities. Focusing on the hacking group known as Fancy Bear (or APT 28), they conclude with “moderate confidence that the group is operating from the Russian Federation and is gathering intelligence on behalf of the Russian government.” They also conclude that the group targeted Clinton’s presidential campaign and the DNC [Democratic National Committee].

However, SecureWorks have not observed Fancy Bear “[target] the US Republican party or the other US presidential candidates whose campaigns were active between mid-March and mid-May [2016]: Donald Trump, Bernie Sanders, Ted Cruz, Marco Rubio, and John Kasich.” But they point out the other campaigns could have been targeted by other means not noticed by them. (SecureWorks, 6/16/2016)

June 17, 2016: Some cybersecurity experts doubt the Russian government is behind recent hacking attacks.

Nathaniel Gleicher (Credit: Carmen Holt)

Nathaniel Gleicher (Credit: Carmen Holt)

Time Magazine notes that although CrowdStrike, the cybersecurity firm hired by the DNC [Democratic National Committee] to stop the hacking of their computer network, claims the Russian government is behind the attacks, other security experts are skeptical. Someone calling themselves “Guccifer 2.0” has posted some files that appear to come from the DNC hack, and that person claims to be a “lone hacker.”

CrowdStrike asserts this is just an effort to sow confusion about Russian involvement, but some experts doubt that as well.

Nathaniel Gleicher, the former director for cybersecurity policy on the NSC [National Security Council], says, “Attribution is incredibly difficult—I wouldn’t say impossible, but it’s very difficult.”

Reg Harnish, the CEO of the cybersecurity company GreyCastle Security, says the final answer may still be unknown, with political intrigues complicating the picture. “I’ve been personally involved in hundreds of these investigations, and you just don’t end up in the same place where you began. […] I think there’s a lot of misinformation out there right now.”

Scott Borg, the head of the US Cyber Consequences Unit, echoed the skepticism. “Our best guess is that the second (and apparently less skillful) of the two intruders was not Russian intelligence. We are also uncertain about the first group.”

So far, the FBI has not made any comment. (Time, 6/17/2016)

June 21, 2016: Democrats hope that blaming recent hacking attacks on the Russian government will limit the political fallout.

Glen Caplin (Credit: Global Strategy Group)

Glen Caplin (Credit: Global Strategy Group)

Bloomberg News reports, “If the Democrats can show the hidden hand of Russian intelligence agencies, they believe that voter outrage will probably outweigh any embarrassing revelations, a person familiar with the party’s thinking said.”

In the same article, Clinton spokesperson Glen Caplin refuses to comment on details about recent hacking attacks or confirm if any of Clinton’s campaign staff got successfully hacked. However, Caplin does say, “What appears evident is that the Russian groups responsible for the DNC hack are intent on attempting to influence the outcome of this election.”

The DNC [Democratic National Committee] similarly won’t comment on details or confirm reports of successful attacks. However, the DNC issues a written statement that it believes recent leaks by Guccifer 2.0 are “part of a disinformation campaign by the Russians.”

The Russian government has denied any involvement. (Bloomberg News, 6/21/2016)

June 22, 2016: Trump says foreign governments can blackmail Clinton over her email secrets.

Presumptive Republican presidential nominee Donald Trump says of Clinton’s emails from her time as secretary of state, “While we may not know what is in those deleted emails, our enemies probably do. So they probably now have a blackmail file over someone who wants to be president of the United States. This fact alone disqualifies her from the presidency. […] We can’t hand over our government to someone whose deepest, darkest secrets may be in the hands of our enemies.” This is part of a speech entirely focusing on criticism of Clinton. (The Hill, 6/22/2016)

He also says, “Hillary Clinton may be the most corrupt person ever to seek the presidency of the United States,” and claims she used the State Department as “her own personal hedge fund.” (NBC News, 6/22/2016)

July 5, 2016: FBI Director Comey announces he will not recommend Clinton’s indictment on any charge, but he calls her “extremely careless” in handling highly classified information.

FBI Director James Comey announces his recommendation for Clinton and her aides on July 5, 2016. (Credit: Cliff Owen / The Associated Press)

FBI Director James Comey announces his recommendation in a press conference on July 5, 2016. (Credit: Cliff Owen / The Associated Press)

FBI Director James Comey gives a public speech in front of a group of reporters. The timing is surprising, since this brings an end to the FBI’s investigation of Clinton’s email practices, and just a Sunday and the Fourth of July holiday separate this from the FBI’s interview of Clinton on July 2, 2016. Comey spends most of his speech criticizing Clinton, but ends it by saying he will not recommend that the Justice Department pursue any indictment of Clinton or her aides.

Comey’s fifteen-minute speech includes the following information, in order, with key phrases bolded to assist in understanding.

Comey begins by describing the FBI investigation:

  • The investigation started with a referral from Intelligence Community Inspector General Charles McCullough, and “focused on whether classified information was transmitted” on Clinton’s personal email server during her time as secretary of state. It specifically “looked at whether there is evidence classified information was improperly stored or transmitted on that personal system, in violation of a federal statute making it a felony to mishandle classified information either intentionally or in a grossly negligent way, or a second statute making it a misdemeanor to knowingly remove classified information from appropriate systems or storage facilities.” The FBI “also investigated to determine whether there is evidence of computer intrusion in connection with the personal email server by any foreign power, or other hostile actors.”
  • The FBI found that Clinton “used several different servers and administrators of those servers during her four years at the State Department, and used numerous mobile devices to view and send email on that personal domain. As new servers and equipment were employed, older servers were taken out of service, stored, and decommissioned in various ways…”
  • The FBI analyzed the over 30,000 work emails that Clinton did turn over to the State Department in December 2014, working with other US government departments to determine which emails contained truly classified information at the time they were sent, and which ones were justifiably classified later.
  • James Comey (Credit: Fox News)

    James Comey (Credit: Fox News)

    From the group of 30,068 emails Clinton returned to the State Department, “110 emails in 52 email chains have been determined by the owning agency to contain classified information at the time they were sent or received. Eight of those chains contained information that was ‘top secret’ at the time they were sent; 36 chains contained ‘secret’ information at the time; and eight contained ‘confidential’ information, which is the lowest level of classification. Separate from those, about 2,000 additional emails were ‘up-classified’ to make them ‘confidential’; the information in those had not been classified at the time the emails were sent.”

  • It had previously been reported that the FBI had recovered most or all of the 31,830 emails that Clinton had deleted, allegedly because they contained personal information only. However, Comey reveals that was not the case, and thousands of emails were not recovered. He gives an example of how when one of Clinton’s servers was decommissioned in 2013, the email was removed and broken up into millions of fragments.
  • The FBI “discovered several thousand work-related emails” that were not included in the 30,068 emails Clinton returned to the State Department, even though Clinton claimed under oath that she had returned all her work-related emails. The FBI found these after they “had been deleted over the years and we found traces of them on devices that supported or were connected to the private email domain.” Others were found in the archived government email accounts of other government employees whom Clinton frequently communicated with. Still others were found “from the laborious review of the millions of email fragments” of the server decommissioned in 2013.
  • Out of these additional work emails, three were classified at the time they were sent or received – none at the ‘top secret’ level, one at the ‘secret’ level, and two at the ‘confidential’ level. None were found to have been deemed classified later.
  • Furthermore, Comey claims “we found no evidence that any of the additional work-related emails were intentionally deleted in an effort to conceal them. Our assessment is that, like many email users, Secretary Clinton periodically deleted emails or emails were purged from the system when devices were changed. Because she was not using a government account—or even a commercial account like Gmail—there was no archiving at all of her emails, so it is not surprising that we discovered emails that were not on Secretary Clinton’s system in 2014, when she produced the 30,000 emails to the State Department.”
  • 160705DeletingAttorneys

    The three Clinton attorneys who deleted emails are David Kendall (left), Cheryl Mills (center), and Heather Samuelson (right). (Credit: public domain)

    However, he also admits that “It could also be that some of the additional work-related emails we recovered were among those deleted as ‘personal’ by Secretary Clinton’s lawyers when they reviewed and sorted her emails for production in 2014.” He claims that the three lawyers who sorted the emails for Clinton in late 2014 (David Kendall, Cheryl Mills, and Heather Samuelson) “did not individually read the content of all of her emails…” Instead, they used keyword searches to determine which emails were work related, and it is “highly likely their search terms missed some work-related emails” that were later found by the FBI elsewhere.

  • Comey states it is “likely” that some emails may have disappeared forever. because Clinton’s three lawyers “deleted all emails they did not return to State, and the lawyers cleaned their devices in such a way as to preclude complete forensic recovery.” But he says that after interviews and technical examination, “we believe our investigation has been sufficient to give us reasonable confidence there was no intentional misconduct in connection with that sorting effort.”

Comey then begins stating his findings:

  • “Although we did not find clear evidence that Secretary Clinton or her colleagues intended to violate laws governing the handling of classified information, there is evidence that they were extremely careless in their handling of very sensitive, highly classified information.”
  • As an example, he points out that “seven email chains concern matters that were classified at the ‘Top Secret/Special Access Program’ [TP/SAP] level when they were sent and received. These chains involved Secretary Clinton both sending emails about those matters and receiving emails from others about the same matters. There is evidence to support a conclusion that any reasonable person in Secretary Clinton’s position, or in the position of those government employees with whom she was corresponding about these matters, should have known that an unclassified system was no place for that conversation.”
  • He adds that it was a similar situation with emails classified at the “secret” level when they were sent, although he doesn’t specify how many.
  • He comments, “None of these emails should have been on any kind of unclassified system, but their presence is especially concerning because all of these emails were housed on unclassified personal servers not even supported by full-time security staff, like those found at departments and agencies of the US government—or even with a commercial service like Gmail.”
  • He notes that “only a very small number of the emails containing classified information bore markings indicating the presence of classified information. But even if information is not marked ‘classified’ in an email, participants who know or should know that the subject matter is classified are still obligated to protect it.”
  • He then criticizes the State Department as a whole. The FBI found evidence that “the security culture” of the State Department “was generally lacking in the kind of care for classified information found elsewhere in the government.” This was especially true regarding the use of unclassified email systems.
  • Then he addresses whether “hostile actors” were able to gain access to Clinton’s emails. Although no direct evidence of any successful hacking was found, he points out that “given the nature of the system and of the actors potentially involved, we assess that we would be unlikely to see such direct evidence. We do assess that hostile actors gained access to the private commercial email accounts of people with whom Secretary Clinton was in regular contact from her personal account. We also assess that Secretary Clinton’s use of a personal email domain was both known by a large number of people and readily apparent. She also used her personal email extensively while outside the United States, including sending and receiving work-related emails in the territory of sophisticated adversaries. Given that combination of factors, we assess it is possible that hostile actors gained access to Secretary Clinton’s personal email account.”

After laying out the evidence of what the FBI found, Comey moves to the FBI’s recommendation to the Justice Department. He admits that it is highly unusual to publicly reveal the FBI’s recommendation, but “in this case, given the importance of the matter, I think unusual transparency is in order.”

James Comey (Credit: NPR)

James Comey (Credit: NPR)

Then he comes to these conclusions:

  • “Although there is evidence of potential violations of the statutes regarding the handling of classified information, our judgment is that no reasonable prosecutor would bring such a case. Prosecutors necessarily weigh a number of factors before bringing charges. There are obvious considerations, like the strength of the evidence, especially regarding intent. Responsible decisions also consider the context of a person’s actions, and how similar situations have been handled in the past.”
  • To justify this decision, he claims he examined other cases involving the mishandling or removal of classified information, and “we cannot find a case that would support bringing criminal charges on these facts. All the cases prosecuted involved some combination of clearly intentional and willful mishandling of classified information; or vast quantities of materials exposed in such a way as to support an inference of intentional misconduct; or indications of disloyalty to the United States; or efforts to obstruct justice. We do not see those things here.”
  • He then says, “To be clear, this is not to suggest that in similar circumstances, a person who engaged in this activity would face no consequences. To the contrary, those individuals are often subject to security or administrative sanctions. But that is not what we are deciding now. As a result, although the Department of Justice makes final decisions on matters like this, we are expressing to Justice our view that no charges are appropriate in this case.”
  • He concludes by saying the FBI’s investigation was done competently, honestly, and independently, and without any kind of outside influence.

He doesn’t address the possibility of recommending the indictment of any of Clinton’s aides or other figures like Sid Blumenthal or Justin Cooper. He also doesn’t make any mention of the Clinton Foundation, though there have been media reports the FBI has been investigating it as well. After finishing his speech, he leaves without taking any questions from the media. (Federal Bureau of Investigation, 7/5/2016)