Monday, October 19, 2015

Surprise: Cybersecurity Deteriorated Under Hillary Clinton

By William Teach

In an Associated Press exclusive, Ken Dilanian notes just how bad cybersecurity was during Hillary's tenure as Secretary of State. The article is primarily published in local news sites, though the NY TImes does have it as a web only piece, not in their published paper. Other national news outlets, such as ABC, NBC, CBS, Washington Post, MSNBC, for instance? Not at this time

(AP) The State Department was among the worst agencies in the federal government at protecting its computer networks while Hillary Clinton was secretary from 2009 to 2013, a situation that continued to deteriorate as John Kerry took office and Russian hackers breached the department's email system, according to independent audits and interviews.
The State Department's compliance with federal cybersecurity standards was below average when Clinton took over but grew worse in each year of her tenure, according to an annual report card compiled by the White House based on audits by agency watchdogs. Network security continued to slip after Kerry replaced Clinton in February 2013, and remains substandard, according to the State Department inspector general.
In each year from 2011 to 2014, the State Department's poor cybersecurity was identified by the inspector general as a "significant deficiency" that put the department's information at risk. The latest assessment is due to be published in a few weeks.

The State Dept is unhappy with the assessment, and yammers on about being almost 100% secure, so, a bit of CYA, rather than putting the effort in to actually resolving the issues. They had been warned numerous times by Inspector Generals of the deficiencies of the system.

Clinton approved significant increases in the State Department' information technology budgets while she was secretary, but senior State Department officials say she did not spend much time on the department's cyber vulnerabilities. Her emails show she was aware of State's technological shortcomings, but was focused more on diplomacy.
She failed at the diplomacy part, too. But, hey, perhaps this is the reason she put together a homebrew server in violation of State Department and federal government regulations
Emails released by the State Department from her private server show Clinton and her top aides viewed the department's information technology systems as substandard and worked to avoid them.
"State's technology is so antiquated that NO ONE uses a State-issued laptop and even high officials routinely end up using their home email accounts to be able to get their work done quickly and effectively," top Clinton aide Ann-Marie Slaughter wrote in an email to Clinton on June 3, 2011.
You can almost understand why Hillary did what she did. Of course, it's a big jump from using typical private email systems, such as Yahoo or Google, or government email, which are both rather insecure and vulnerable (and many keep all your information), to running a homebrew server that had virtually no security, and was much, much worse than private and government programs.

Supposedly, State's system used for disseminating classified/sensitive information was very good. Yet, Hillary still chose to use her terrible homebrew server. Using your own server, interestingly, is a recommendation from many cybersecurity experts for secure email, but, that's for you an me, who won't be targeted by hackers from intelligence agencies around the world. Hillary could have used multiple email systems, such as ProtonMail or others. Even Yahoo would have been more secure.

Rather than work to fix the problems, Hillary abdicated her role and used an even worse system. This is who Democrats want for president.

 Crossed at Pirate's Cove. Follow me on Twitter @WilliamTeach.

1 comment:

Unknown said...

Hillary made it easy for foreign hackers to locate her private email account.

Her domain name was "" and her email address was ""

Hillary's maiden name was Hillary Diane Rodham -- HDR.