Latest Hillary email release doubles number of classified emails, demonstrates attempted hacking

There is media spin aplenty in coverage of the latest tranche of emails from Hillary Clinton’s private server, released yesterday evening.  In a stunning display of contrasting headlines, Politico – no member of the Vast Right Wing Conspiracy – details:

Clinton’s email woes deepen as classified messages pile up

The number of emails now marked classified doubled with the latest release.

While the New York Times headlines:

3 Hillary Clinton Emails Deemed ‘Secret’ in State Dept. Review of 6,300 Pages

Politico totals the numbers...ahh...differently from the Times:

The number of emails now considered classified total more than 400, with three of the 215 newly classified documents marked as SECRET — the middle tier of the national security classification system.

The discrepancy can be explained by the fact that the Times relies on the State Department as the barometer of secrecy.  Until yesterday, that agency refused to name any emails as classified, despite intelligence agencies regarding them as such and redacting them.  The rest of the media appears to accept the Politico total.  But inside the Blue Bubble, Times readers are comforted that this is no big deal.

While some of the classified material in the total is comparatively benign, some of it was critical to ongoing diplomatic activity:

Two of the just-released SECRET emails pertain to talks about the Iranian nuclear program, conducted by a group of nations referred to as the P5+1. The messages are from January 21 and 22, 2011 and were forwarded to Clinton's private account by Deputy Chief of Staff Jake Sullivan, who now serves as policy director on Clinton's presidential campaign.

The substance of the two emails was redacted from the public release, but the subject lines identify the messages as summaries of the nuclear talks underway in Istanbul, Turkey. A State Department spokesman said that message, and the others deemed classified, were not marked as such when they were sent to Sullivan by other State officials.

For the first time, there is evidence of hacking attempts.  AP reports:

Russia-linked hackers tried at least five times to pry into Hillary Rodham Clinton's private email account while she was secretary of state, emails released Wednesday show. It is unclear if she clicked on any attachments and exposed her account.

Clinton received the infected emails, disguised as speeding tickets from New York, over four hours early the morning of Aug. 3, 2011. The emails instructed recipients to print the attached tickets. Opening an attachment would have allowed hackers to take over control of a victim's computer.

Security researchers who analyzed the malicious software in September 2011 said that infected computers would transmit information from victims to at least three server computers overseas, including one in Russia. That doesn't necessarily mean Russian intelligence or citizens were responsible.

Nick Merrill, a spokesman for Clinton's Democratic presidential campaign, said: "We have no evidence to suggest she replied to this email or that she opened the attachment. As we have said before, there is no evidence that the system was ever breached. All these emails show is that, like millions of other Americans, she received spam."

Practically every Internet user is inundated with spam or virus-riddled messages daily. But these messages show hackers had Clinton's email address, which was not public, and sent her a fake traffic ticket from New York state, where she lives. Most commercial antivirus software at the time would have detected the software and blocked it.

There is evidence that the Clinton group knew their emails were being hacked:

In A June 4, 2011 email chain between Hillary Clinton, her Chief of Staff Cheryl Mills and senior aides Huma Abedin and Jake Sullivan, all of whom used private email accounts, and in Clinton and Abedin's case, Clinton's secret server, Mills admits she was "someone who attempted to be hacked," and warned against telegraphing the use of private email, as it "may encourage others who are out there."

Clinton knew her emails were vulnerable and even joked about it.

In another July 2011 email chain from Clinton to Nora Toiv, Mills' assistant, the secretary appeared confused about whether she had Toiv's State or Gmail address.

"You've always emailed me on my State email which is toivnf@state.gov," Toiv wrote.

"Even weirder--I just checked and I do have your state but not your gmail--so how did that happen. Must be the Chinese!" Clinton responded.

But it is no joke.  Doug Ross hypothesizes a scenario in which Clitnon’s vulnerable private server could have led to the “Digital Pearl Harbor” Chinese hack of the Office of Personnel Management database:

My contention is that Hillary Clinton's use of a bathroom server led directly to the OPM hack, which cyber experts have called "a digital Pearl Harbor."

Here's how the attack chain worked from the perspective of the People's Liberation Army (PLA).

1. PLA operative compromises HRC's email server.

2. PLA operative sends emails to various government officials using the accounts of HRC, Huma Abedin, Cheryl Mills or another senior official. Nothing gets the attention of a government apparatchik like an email from the likes of Hillary.

3. The emails contained a spear-phishing link with instructions to click on the link (e.g., "please check out these travel plans and see if they sync up with your schedule") that installed malware on the targeted device. Predicted click-through rate: 70%+.

4. Targeted device is infected and then used to launch attacks inside applicable government network. These attacks take the form of reconnoitering on the compromised device (reading documents, emails, network drives, etc.); performing reconnaissance on the government network, and launching additional attacks.

In short, compromising Hillary's email server was a gold mine for foreign intelligence agencies.

I can assure you we haven't heard the last of tragic, needless compromises of America's national security due to Hillary Clinton's voracious lust for power and money.

Once a hole is created in digital firewalls, there is no telling what will leak out.  Hillary complained on Meet the Press about the "drip, drip, drip" she cannot control.  She might better worry about a flood.

There is media spin aplenty in coverage of the latest tranche of emails from Hillary Clinton’s private server, released yesterday evening.  In a stunning display of contrasting headlines, Politico – no member of the Vast Right Wing Conspiracy – details:

Clinton’s email woes deepen as classified messages pile up

The number of emails now marked classified doubled with the latest release.

While the New York Times headlines:

3 Hillary Clinton Emails Deemed ‘Secret’ in State Dept. Review of 6,300 Pages

Politico totals the numbers...ahh...differently from the Times:

The number of emails now considered classified total more than 400, with three of the 215 newly classified documents marked as SECRET — the middle tier of the national security classification system.

The discrepancy can be explained by the fact that the Times relies on the State Department as the barometer of secrecy.  Until yesterday, that agency refused to name any emails as classified, despite intelligence agencies regarding them as such and redacting them.  The rest of the media appears to accept the Politico total.  But inside the Blue Bubble, Times readers are comforted that this is no big deal.

While some of the classified material in the total is comparatively benign, some of it was critical to ongoing diplomatic activity:

Two of the just-released SECRET emails pertain to talks about the Iranian nuclear program, conducted by a group of nations referred to as the P5+1. The messages are from January 21 and 22, 2011 and were forwarded to Clinton's private account by Deputy Chief of Staff Jake Sullivan, who now serves as policy director on Clinton's presidential campaign.

The substance of the two emails was redacted from the public release, but the subject lines identify the messages as summaries of the nuclear talks underway in Istanbul, Turkey. A State Department spokesman said that message, and the others deemed classified, were not marked as such when they were sent to Sullivan by other State officials.

For the first time, there is evidence of hacking attempts.  AP reports:

Russia-linked hackers tried at least five times to pry into Hillary Rodham Clinton's private email account while she was secretary of state, emails released Wednesday show. It is unclear if she clicked on any attachments and exposed her account.

Clinton received the infected emails, disguised as speeding tickets from New York, over four hours early the morning of Aug. 3, 2011. The emails instructed recipients to print the attached tickets. Opening an attachment would have allowed hackers to take over control of a victim's computer.

Security researchers who analyzed the malicious software in September 2011 said that infected computers would transmit information from victims to at least three server computers overseas, including one in Russia. That doesn't necessarily mean Russian intelligence or citizens were responsible.

Nick Merrill, a spokesman for Clinton's Democratic presidential campaign, said: "We have no evidence to suggest she replied to this email or that she opened the attachment. As we have said before, there is no evidence that the system was ever breached. All these emails show is that, like millions of other Americans, she received spam."

Practically every Internet user is inundated with spam or virus-riddled messages daily. But these messages show hackers had Clinton's email address, which was not public, and sent her a fake traffic ticket from New York state, where she lives. Most commercial antivirus software at the time would have detected the software and blocked it.

There is evidence that the Clinton group knew their emails were being hacked:

In A June 4, 2011 email chain between Hillary Clinton, her Chief of Staff Cheryl Mills and senior aides Huma Abedin and Jake Sullivan, all of whom used private email accounts, and in Clinton and Abedin's case, Clinton's secret server, Mills admits she was "someone who attempted to be hacked," and warned against telegraphing the use of private email, as it "may encourage others who are out there."

Clinton knew her emails were vulnerable and even joked about it.

In another July 2011 email chain from Clinton to Nora Toiv, Mills' assistant, the secretary appeared confused about whether she had Toiv's State or Gmail address.

"You've always emailed me on my State email which is toivnf@state.gov," Toiv wrote.

"Even weirder--I just checked and I do have your state but not your gmail--so how did that happen. Must be the Chinese!" Clinton responded.

But it is no joke.  Doug Ross hypothesizes a scenario in which Clitnon’s vulnerable private server could have led to the “Digital Pearl Harbor” Chinese hack of the Office of Personnel Management database:

My contention is that Hillary Clinton's use of a bathroom server led directly to the OPM hack, which cyber experts have called "a digital Pearl Harbor."

Here's how the attack chain worked from the perspective of the People's Liberation Army (PLA).

1. PLA operative compromises HRC's email server.

2. PLA operative sends emails to various government officials using the accounts of HRC, Huma Abedin, Cheryl Mills or another senior official. Nothing gets the attention of a government apparatchik like an email from the likes of Hillary.

3. The emails contained a spear-phishing link with instructions to click on the link (e.g., "please check out these travel plans and see if they sync up with your schedule") that installed malware on the targeted device. Predicted click-through rate: 70%+.

4. Targeted device is infected and then used to launch attacks inside applicable government network. These attacks take the form of reconnoitering on the compromised device (reading documents, emails, network drives, etc.); performing reconnaissance on the government network, and launching additional attacks.

In short, compromising Hillary's email server was a gold mine for foreign intelligence agencies.

I can assure you we haven't heard the last of tragic, needless compromises of America's national security due to Hillary Clinton's voracious lust for power and money.

Once a hole is created in digital firewalls, there is no telling what will leak out.  Hillary complained on Meet the Press about the "drip, drip, drip" she cannot control.  She might better worry about a flood.