Compliance Management, Incident Response, TDR

Emails raise more questions of Clinton infosec practices

A batch of recently released documents set off renewed discussions about Hillary Clinton's information security practices as former U.S. Secretary of State.

The documents, which were obtained by Judicial Watch through a Freedom of Information Act request, included 296 pages of declassified State Department documents.

Contained in the released documents is an email discussion between Clinton and her then-Chief of Staff Cheryl Mills. After Clinton landed from a February 22, 2009 trip abroad, she and Mills tried unsuccessfully to connect through Clinton's secure communication. After an hour of trying to connect, Clinton wrote to Mills, “Are you calling me? What #? I called ops and they gave me your ‘secure' cells… but only got a long high pitched whining sound.”

Mills replied to Clinton's request, “they were supposed to connect us - I called some time ago to do a secure call with you -- call them and ask them to try the connection”.

At that point, Clinton, growing increasingly frustrated, wrote to Mills, “I give up Call me on my home#.”

Mills then apparently attempted to reach the former secretary on her unsecure phone line. A moment later, she replied in an email to Clinton, “Just did - no answer”.

Shortly after the attempt, Clinton wrote back, “Pls try again-”. The conversation ended there, without indication of whether Clinton and Mills connected or the topics discussed.

Alexander Urbelis, a partner at Blackstone Law Group who worked for the U.S. Army and the Central Intelligence Agency, told that he found the conversation concerning. “Employees undergo a fairly rigorous training process,” he said. “The fact that Clinton's Chief of Staff was trying repeatedly to reach her over a secure line indicates to me that what they were proposing to discuss was fairly sensitive information.”

On Thursday, a former Congressional chief of staff said he expects Clinton's email woes will affect U.S. federal cybersecurity policy.

Urbelis, who specializes in information security law, domain names, and online privacy, said, “Then-Secretary of State Clinton's quick reversion to insecure channels of communication indicates to me, first, either ignorance of or willful blindness to security protocols with which every federal employee who handles classified information must comply, and, second, would indicate to me a priority of expediency over security.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.