Cyberattacks & a Clinton hack

Three Associated Press reporters collaborate on an article exploring cyberattacks on Hillary Clinton’s email server after she left office in 2013. The attacks originated in China, South Korea, and Germany; they appear to have been blocked by a threat monitoring product connected to her network in late 2013. I assume that the attacks were detected (not just blocked, if they were blocked) by software, though that is not entirely clear. However, according to the article, “there was a period of more than three months from June to October 2013 when that protection had not been installed[.]” The AP helpfully adds: “That means her server was possibly vulnerable to cyberattacks during that time.”

The AP story is based in part on a review of a letter sent by Senator Ron Johnson to Victor Nappe, CEO of SECNAP, the company that provided the threat monitoring product. Senator Johnson seeks documents relating to the company’s work on Clinton’s server and the nature of the cyber intrusions detected. As we shall see, Senator Johnson stars in the Clinton campaign’s response to the AP’s request for additional information regarding the cyberattacks.

It is not clear to me from the AP article if anything is known about security or attempted intrusions before June 2013. In June 2013, the AP points out, Clinton’s server was moved from her Chappaqua home to a data center in northern New Jersey, where it was maintained by Platte River Networks.

The AP is interested in the security issues raised by Clinton’s email arrangements. AP reporters submitted a set of questions regarding security issues to the Clinton campaign. The Clinton campaign didn’t deliberate long over a response:

A spokesman for the Clinton campaign did not answer detailed questions from The Associated Press about the cyber intrusions. Instead, spokesman Brian Fallon attacked Johnson by linking him to the House Benghazi committee inquiry, which the campaign dismissed in a recent media ad as politically motivated.

“Ron Johnson is ripping a page from the House Benghazi Committee’s playbook and mounting his own, taxpayer-funded sham of an investigation with the sole purpose of attacking Hillary Clinton politically,” campaign spokesman Fallon said by email. “The Justice Department is already conducting a review concerning the security of her server equipment, and Ron Johnson has no business interfering with it for his own partisan ends.”

Senator Johnson chairs a committee that is responsible for homeland security issues. Clinton’s irresponsible email arrangement for her official business as Secretary of State falls within the jurisdiction of the committee, but it’s good of the hack speaking on behalf of the Clinton campaign to remind us of the FBI investigation. The AP also makes a fleeting reference to the FBI investigation of no one in particular for nothing at all: “The FBI is investigating whether national security was compromised by Clinton’s email arrangement.”

The AP story concludes on a quizzical note:

SECNAP is not a well-known computer security provider. The company’s website and promotional literature describe CloudJacket as a monitoring system designed to counter unauthorized intrusions and monitor threats around the clock. Corporate documents show SECNAP has been in existence since at least 2002, selling computer spam filter and firewall products.

A SECNAP representative declined to comment, citing company policy.

The AP reported last month that Russia-linked hackers sent Clinton emails in 2011 – when she was still secretary of state – loaded with malware that could have exposed her computer if she opened the attachments. It is not known if she did.

The attacks Johnson mentions in his letter are different, according to government officials familiar with them. They were probing Clinton’s server directly, not through email.

Unfortunately, to be continued.