Memo: Hackers went after State Department personal emails while Clinton was SecState

The Clintonemail case is getting curiouser and curiouser as a State Department memo shows Hillary Clinton was warned about the potential of hacks on private emails while Secretary. Competitive Enterprise Institute and Washington Free Beacon got the 2011 memo showing security officials were very worried about phishing attacks.

Threat analysis by the DS cyber security team and related incident reports indicate a dramatic increase since January 2011 in attempts by to comprise the private home e-mail accounts of senior Department officials. The actors are targeting senior United State government officials and their staffs. Victims include personnel at the Ambassador, Assistant Secretary, and Under Secretary levels at DoS, EOP, DoD, DOJ, Treasury, and the U.S. Senate.

No one should be surprised at all that hackers were going after the personal emails of government workers, but it again raises questions into just how secure Clinton’s private email server was. I’ve written before how Huma Abedin and Cheryl Mills were using non-government or Clintonemail accounts to conduct State Department business. It’s now looking more likely hackers targeted the private emails in hopes of gaining access to whatever information was out there. In fact, the memo points out hackers appeared to have known senior Department officials were using private emails.

Specifically, the actors are sending cleverly forged e-mails to victims’ private web-based accounts (e.g. Gmail, Hotmail, Yahoo). These ‘spear phishing’ messages appear to be sent by U.S. government officials but are designed to trick recipients into activating embedded malicious code by clicking on an attachment or link

No one is saying where the hackers were coming from, but Secretary of State John Kerry told CBS News earlier this year that he was sure Russia and China were reading his emails. Plus there’s the NBC News report from August saying China was snooping into U.S. government emails in 2010 (emphasis mine).

China’s cyber spies have accessed the private emails of “many” top Obama administration officials, according to a senior U.S. intelligence official and a top secret document obtained by NBC News, and have been doing so since at least April 2010…

In 2011, Google disclosed that the private gmail accounts of some U.S. officials had been compromised, but the briefing shows that private email accounts from other providers were compromised as well.

The government email accounts assigned to the officials, however, were not hacked because they are more secure, says the senior U.S. intelligence official.

I don’t believe for one minute those government email accounts are more secure, because nothing is secure. The OPM hack shows how porous the federal government’s email security is, which means the rest of the government’s data probably isn’t that secure either.. If Kerry thinks his emails are being read by China and Russia, then either he’s just overstating things or the U.S. needs to fire all of its data security officers and start all over again. One thing WFB reported last week was that Clinton did click on an email which contained a phishing link.

[ Center for American Progress President Neera ] Tanden sent Clinton an email in July 2011 that contained a link to an online dating site. “Look what I’ve found,” it said. “Here is a very nice offer. Enjoy!”
Clinton did not immediately appear to realize that the email was a phishing scheme.

“Neera–did you send me this? If not, I think your email address book has been hacked. If so, why?” she wrote. ”Anyway, hope you’re well.”

So if State Department warned Clinton about phishing attacks on private emails in 2011, then Clinton received a phishing email which was opened, it’s reasonable to think her email address book may have been hacked. Maybe this is why Clinton went from using [email protected] to [email protected] It’s still troublesome how Clinton’s camp was willing to keep the private server up and running, even after this happened. It’s not like her server was created by Tony Stark, Bruce Wayne, or Ted Kord. It just shows a lack of foresight by Clinton’s camp into just how secure they thought their server was. It’s even possible they didn’t care because “Hey, we’re the Clintons and we’re Teflon-coated so everything bounces off.” Either way, this isn’t good and just shows how foolish she and her advisers were. If hackers were able to get into the private emails of State Department employees, Clinton should have ordered all workers to stop using email and go back to typewriters and burn bags, while the IT department tried to plug the holes. Yes it’s a hassle, but it’s certainly more secure that what was out there at the time. If the government hasn’t taken appropriate steps to solving the problem, then who knows what (if any) secrets were able to get out. Hacking is a part of cyberwar, just code-breaking, but the government needs to be serious about protecting Top Secret information. All this shows is how ill-prepared Clinton was for being Secretary of State. That should be something which should bother all of those in the #ReadyForHillary crowd. If she was this much of a space care as Secretary of State, how bad of one will she be as President?