In an
exclusive report, the Associated Press published a piece today that adds a
fairly devastating addition to Hillary Clinton’s email controversy and her
State Department’s handling of cybersecurity from 2009-13.
Based on independent audits and interviews, the AP found that the State Department’s
compliance with federal cybersecurity standards was below average when Clinton,
the Democratic presidential frontrunner, took over as the Obama administration’s
chief diplomat, but it grew worse in each year of her tenure.
Department’s poor cybersecurity was identified by an inspector general – an internal
watchdog of the agency — as a “significant deficiency” that put the
department’s information at risk.
Clinton’s use
of a private email server for official business while she was secretary of
state led to the infiltration of malware linked to Russia. In addition, her
server was hit with malware from China, South Korea and Germany. The FBI is
investigating whether her home server was breached.
AP reports
that State Department officials don’t dispute the compliance shortcomings
identified in years of internal audits, but they argue that the audits paint a
distorted picture of their cybersecurity, which they depict as solid and
improving. They strongly disagree with the White House ranking that puts them
behind most other government agencies.
story from there, here’s a key portion of the AP piece:
“Two
successive inspectors general haven’t seen it that way. In December 2013, Inspector
General Steve Linick issued a ‘management alert’ warning top State Department
officials that their repeated failure to correct cybersecurity holes was
putting the department’s data at risk.
“Based on audits
by Linick and his IG predecessor, Harold Geisel, the State Department scored a
42 out of 100 on the federal government’s latest cybersecurity report card,
earning far lower marks than the Office of Personnel Management, which suffered
a devastating breach last year. State’s scores bested only the Department of
Health and Human Services and the Department of Housing and Urban Development.
State Department officials complain the grades are subjective.
More money, not more security
cyber intruders linked to Russia were able to break into the State Department’s
email system, infecting it so thoroughly that it had to be cut off from the
Internet in March while experts worked to eliminate the infestation.
“Clinton
approved significant increases in the State Department’ information technology budgets
while she was secretary, but senior State Department officials say she did not
spend much time on the department’s cyber vulnerabilities. She was aware of
State’s technological shortcomings but was focused more on diplomacy, her
emails show.”
Republicans reacting to this report may soon be paraphrasing Clinton rival
Bernie Sanders’ complaint about the tone of the Democratic primary campaign: “Not enough about the emails.”
