The Associated Press has an exclusive report coming out this week which veers away from Hillary Clinton’s private email server and back to the question of cybersecurity in general inside the ostensibly protected communications systems at the State Department. As it turns out, the private server may not be the star of the show, but rather an outlying symptom of deeper issues. Security inside the government systems at State was bad enough that two successive Inspector Generals had been issuing warnings about deficiencies and exposures all through Clinton’s tenure there. There were “management alerts” issued which warned that the department’s data was “at risk.”
In fact, when stacked up against the rest of the Executive Branch offices, Hillary’s State Department came in pretty close to the bottom of the list. (Yahoo News)
The State Department was among the worst agencies in the federal government at protecting its computer networks while Hillary Rodham Clinton was secretary from 2009 to 2013, a situation that continued to deteriorate as John Kerry took office and Russian hackers breached the department’s email system, according to independent audits and interviews.
The State Department’s compliance with federal cybersecurity standards was below average when Clinton took over but grew worse in each year of her tenure, according to an annual report card compiled by the White House based on audits by agency watchdogs. Network security continued to slip after Kerry replaced Clinton in February 2013, and remains substandard, according to the State Department inspector general.
In each year from 2011 to 2014, the State Department’s poor cybersecurity was identified by the inspector general as a “significant deficiency” that put the department’s information at risk. The latest assessment is due to be published in a few weeks.
The IGs evaluated all of the cabinet level departments and found that State ranked higher in security terms than only HUD and Health and Human Services. That means that the State Department under Hillary Clinton scored worse on protecting their data than OPM, the group which the Russians hung out to dry. All of this takes some air out of Barack Obama’s opinion, offered last week, when he said that Hillary’s data management policies didn’t pose a national security risk.
We don’t expect career politicians to be experts on the ins and outs of data management or how to build a firewall, but they are the only ones who can direct the resources of those who can tackle these problems. The problems this report highlights are troubling, not because Hillary Clinton couldn’t personally manage a server farm, but because she was repeatedly told that there were significant issues and did almost nothing to confront them.
Clinton approved significant increases in the State Department’ information technology budgets while she was secretary, but senior State Department officials say she did not spend much time on the department’s cyber vulnerabilities. She was aware of State’s technological shortcomings but was focused more on diplomacy, her emails show.
This report paints a disturbing picture which puts what we learned from the emails of Huma Abedin and Cheryl Mills in context. Nobody at State was using the government system and that may have been because it was antiquated and clunky. But rather than fixing the secure system, Clinton and her staff went around it while failing to prioritize any effort to bring it up to snuff. The private server question may speak to a desire for secrecy, but these findings indicate negligence and a rather casual attitude toward protecting the nation’s secrets. In some ways, this may prove to be more of a bombshell than the server in the bathroom closet.