March 3, 2016: The FBI has the computer security logs from Clinton’s private email server, and they allegedly show no evidence of foreign hacking.

Morgan Wright (Credit: Gov Tech)

Morgan Wright (Credit: Gov Tech)

The logs were given to the FBI by Bryan Pagliano, a Clinton aide who is cooperating with the FBI and who managed Clinton’s server during the time she was secretary of state. However, sophisticated hacking attempts sometimes leave no evidence in the security logs. (The New York Times, 3/3/2016) 

Additionally, cybersecurity expert Morgan Wright will later suggest the server may not have had an adequate detection system. “If you have a bank and you have one video camera when you need 20, then you missed it. If they weren’t capturing all the activity, their security logs may say they didn’t see anything.” (Fox News, 5/7/2016) 

In May 2016, it will emerge that there were hacking attempts on the server during the time Pagliano was managing it, for instance in January 2011. It’s not clear why these attacks didn’t appear on the server logs or why previous media reports of the logs were incorrect. (US Department of State, 5/25/2016) 

Also, it appears there were hacking attempts on the server after June 2013, when Pagliano was no longer involved, but when all of Clinton’s emails were still on the server. (The Associated Press, 10/7/2015)

May 4, 2016: Guccifer tells Fox News he accessed Clinton’s private server in 2013.

Guccifer (left) talks to Fox News reporter Catherine Herridge (right). (Credit: Fox News)

Guccifer (left) talks to Fox News reporter Catherine Herridge (right). (Credit: Fox News)

The Romanian hacker nicknamed Guccifer, whose real name is Marcel-Lehel Lazar, has been recently interviewed by Fox News. He claims for the first time that after breaking into the email account of Clinton confidant Sid Blumenthal in March 2013, he traced Clinton’s emails back to her private email server.

He tells Fox News, “For me, it was easy […] easy for me, for everybody.” He says he accessed her server “like twice.” He adds, “For example, when Sidney Blumenthal got an email, I checked the email pattern from Hillary Clinton, from Colin Powell, from anyone else to find out the originating IP [Internet Protocol address]. […] When they send a letter, the email header is the originating IP usually…then I scanned with an IP scanner.”

He said he then used some Internet programs to determine if the server was active and which ports were open. However, the server’s contents did “not interest” him at the time. “I was not paying attention. For me, it was not like the Hillary Clinton server, it was like an email server she and others were using with political voting stuff.”

If he breached the server, it appears he didn’t fully understand what he was seeing, and he has not claimed to have uncovered more of Clinton’s emails. He is interviewed from a US prison and has no documents to back up his claim. However, Fox News reports, “While [his] claims cannot be independently verified, three computer security specialists, including two former senior intelligence officials, said the process described is plausible and the Clinton server, now in FBI custody, may have an electronic record that would confirm or disprove Guccifer’s claims.”

Cybersecurity expert Morgan Wright comments, “The Blumenthal account gave him a road map to get to the Clinton server. […] You get a foothold in one system. You get intelligence from that system, and then you start to move.”

Guccifer claims he wants to cooperate with the US government, adding that he has hidden two gigabytes of data that is “too hot” and is “a matter of national security.”

The Clinton campaign responds, “There is absolutely no basis to believe the claims made by this criminal from his prison cell. In addition to the fact he offers no proof to support his claims, his descriptions of Secretary Clinton’s server are inaccurate.” (Fox News, 5/4/2016) 

Politico reports, “An internal FBI review of Clinton’s email records did not indicate traces of hacking” according to “a source familiar with the situation.” (Politico, 5/4/2016)

An FBI report in September 2016 will assert that Guccifer admitted in his FBI interview that he lied about his claim to have accessed Clinton’s server.

July 5, 2016—July 6, 2016: Comey’s comments indicate it is “very likely” Clinton’s emails were hacked, but solid proof may never be found.

In a July 5, 2016 public speech, FBI Director James Comey addresses the possibility that Clinton’s emails were accessed by outsiders. He says, “We did not find direct evidence that Secretary Clinton’s personal email domain, in its various configurations since 2009, was successfully hacked. But, given the nature of the system and of the actors potentially involved, we assess that we would be unlikely to see such direct evidence. We do assess that hostile actors gained access to the private commercial email accounts of people with whom Secretary Clinton was in regular contact from her personal account. We also assess that Secretary Clinton’s use of a personal email domain was both known by a large number of people and readily apparent. She also used her personal email extensively while outside the United States, including sending and receiving work-related emails in the territory of sophisticated adversaries. Given that combination of factors, we assess it is possible that hostile actors gained access to Secretary Clinton’s personal email account.” (Federal Bureau of Investigation, 7/5/2016)

The next day, the New York Times reports that although Comey said there was no “direct evidence” Clinton’s email account had been successfully hacked, “both private experts and federal investigators immediately understood his meaning: It very likely had been breached, but the intruders were far too skilled to leave evidence of their work.”

The Times says that Comey’s comments were a “blistering” critique of Clinton’s “email practices that left Mrs. Clinton’s systems wide open to Russian and Chinese hackers, and an array of others.” However, “the central mystery — who got into the system, if anyone — may never be resolved.”

Adam Segal (Credit: public domain)

Adam Segal (Credit: public domain)

Adam Segal, a cybersecurity expert at the Council on Foreign Relations (CFR), says, “Reading between the lines and following Comey’s logic, it does sound as if the FBI believes a compromise of Clinton’s email is more likely than not. Sophisticated attackers would have known of the existence of the account, would have targeted it, and would not have been seen.”

Before Comey’s comments, Clinton and her spokespeople had said on numerous occasions that her server had never been hacked. In an October 2015 interview, President Obama came to a similar conclusion about her server: “I don’t think it posed a national security problem.”

The Times also comments that Comey’s “most surprising suggestion” may have been his comment that Clinton used her private email while in the territory of “sophisticated adversaries.” This is understood to mean China and Russia and possibly a few more countries.

Former government cybersecurity expert James Lewis says, “If she used it in Russia or China, they almost certainly picked it up.” (The New York Times, 7/6/2016)

Cybersecurity consultant Morgan Wright says the most likely suspects are Russia, China and Israel, “in that order.”

Ben Johnson, a former National Security Agency official and security strategist, says “Certainly foreign military and intelligence services” would have targeted Clinton’s emails. “They’re going to have a lot of means and motives to do this.” He also says it wasn’t just likely countries such as China and Russia, but “any country that’s looking to potentially have adversarial relations with us or just [desires] more relations with us.” He specifically cites Middle East countries specifically as having a likely motive. (Politico, 7/5/2016)