Analysis of FBI Reports: China more likely to have Hillary’s emails, not Russia

From an analysis of the FBI document dump (Part 1, Part 2) concerning Hillary’s email use and her foreign travel schedule, it is apparent that the Chinese are more likely to have gained access to Hillary’s emails than Russia. Other countries would have had opportunities as well.

Hillary’s email server was most vulnerable from mid-to-late January to late March 2009, when her hdr22@clintonemail.com email account ran on an older Apple machine. During that time, her login ID and password were not encrypted. From the FBI report (page 27 of Part 1):

Investigation determined Clinton's clintonemail.com e-mail traffic was potentially vulnerable to compromise when she first began using her personal account in January 2009. It was not until late March 2009, when the Pagliano Server was set up and an SSL certificate was acquired for the clintonemail.com domain -- providing encryption of login credentials, but not e-mail content stored on the server -- that access to the server was afforded an added layer of security.

That means that when she traveled abroad, any time her BlackBerry was turned on, it would periodically send her login and password in the clear to connect to the server. Specifically, Hillary traveled to Beijing, China, on February 20-21, 2009, during this time period. The Chinese government controls the telephone service, so it would have been relatively easy to obtain her login credentials if her phone were turned on and connected to the local telephone service at any time during the trip.

The State Department has a mobile security team that warned Hillary and her staff about the risk of using mobile devices abroad. From the report (page 14 of Part 1):

Clinton and her immediate staff were notified of foreign travel risks and were warned that digital threats began immediately upon landing in a foreign country, since connection of a mobile device to a local network provides opportunities for foreign adversaries to intercept voice and e-mail transmissions. The State Mobile Communications (MC) Team was responsible for establishing secure mobile voice and data communications for Clinton and her team when they were traveling domestically and abroad. When the security climate required, the State MC was capable of [REDACTED] could be received and viewed by Clinton and/or her designated staff.

It is not clear to what extent the Mobile Communications Team could have prevented intrusion by the Chinese since a REDACTED portion apparently covers the methods to secure communications. Given Hillary’s reckless disregard for security measures, it is possible that the MC Team was unable to shield Hillary’s email use from interception.

If the Chinese did gain access, it is unlikely it would have been noticed, since there was only limited monitoring for attempted intrusions into the server. Bryan Pagliano was the IT tech who helped to transition Hillary’s email account from Apple to a Windows server. From the FBI report (page 28 of Part 1):

When asked about the maintenance and security of the server system he administered, Pagliano stated there were no security breaches, but he was aware there were many failed login attempts, which he referred to as brute force attacks. He added that the failed attempts increased over the life of the Pagliano Server, and he set up the server's logs to alert [Bill Clinton IT aide Justin] Cooper when they occurred. Pagliano knew the attempts were potential attackers because the credentials attempting to log in did not match legitimate users on the system. Pagliano could not recall if a high volume of failed login attempts emanated from any specific country.

Therefore, if the Chinese had the correct ID and password, they could have monitored the email server undetected, since Pagliano and Cooper were only looking for failed login attempts.
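The monitoring gap described above can be shown with a short added example (not taken from the FBI report or from the server's actual configuration). The log format, user names and addresses are constructed for illustration: an alert that fires only on failed logins never sees a successful login with valid credentials, while a check that compares each successful login against the networks that account has used before does.

```python
import ipaddress
from collections import defaultdict, namedtuple

Event = namedtuple("Event", "time user ip result")

# Constructed sample auth log (format is an assumption): time user source_ip result
SAMPLE_LOG = """\
2020-01-10T09:02:11Z alice 192.0.2.10 OK
2020-01-10T13:40:52Z alice 192.0.2.14 OK
2020-01-11T03:15:07Z admin 198.51.100.7 FAIL
2020-01-11T03:15:09Z root 198.51.100.7 FAIL
2020-01-12T22:41:30Z alice 203.0.113.55 OK
2020-01-13T08:05:44Z alice 192.0.2.10 OK
"""

def parse(log):
    """Turn each non-empty log line into an Event."""
    return [Event(*line.split()) for line in log.splitlines() if line.strip()]

def failed_login_alerts(events):
    """The monitoring the report describes: alert on failed attempts only."""
    return [e for e in events if e.result == "FAIL"]

def new_source_successes(events, prefix=24):
    """Flag successful logins from a network the account has not used before.

    The first successful login for a user sets the baseline and is not flagged.
    """
    seen = defaultdict(set)   # user -> networks with earlier successful logins
    flagged = []
    for e in sorted(events, key=lambda ev: ev.time):
        if e.result != "OK":
            continue
        net = ipaddress.ip_network(f"{e.ip}/{prefix}", strict=False)
        if seen[e.user] and net not in seen[e.user]:
            flagged.append(e)
        seen[e.user].add(net)
    return flagged

if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    print("failed-login alerts:", [(e.user, e.ip) for e in failed_login_alerts(events)])
    print("new-source successes:", [(e.user, e.ip) for e in new_source_successes(events)])
```

A /24 grouping is a coarse stand-in for "same network"; in practice the baseline would be keyed on carrier, ASN or geography and given a learning period.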

Even after the server was upgraded to encrypt login credentials, if Hillary used the same password, the Chinese could still access her emails.

Besides China, other governments would have had the opportunity to gain access to Hillary’s emails. During the vulnerable period from January 2009 to late March 2009, Hillary traveled to Japan, Indonesia, South Korea, Egypt, Israel, Palestinian Authority, Belgium, Switzerland (where she met with Russian Foreign Secretary Lavrov), Turkey and Mexico. Any of those countries could have gained access to her emails.

These FBI reports help to clarify the extent to which Hillary’s reckless use of an unsecured email server put our country’s secrets at risk of interception by foreign adversaries. It is also of concern that the FBI resorted to the time-honored Washington practice of dumping damaging documents on Fridays ahead of national holidays, when the damage can be minimized. This demonstrates the extent to which the FBI has been politicized, which is another reason to doubt the impartiality of Director James Comey’s decision not to refer Hillary’s email case to the Justice Department.