Like other sensitive government agencies the State Department was frequently target and increasingly sophisticated phishing attempts. When we first arrived at State, these attempts were similar to the fraudulent emails many Americans experience at home on their personal computers. The often sloppy early attempts to penetrate our secure systems were easy to spot. But by 2012, the sophistication and fluency had advanced considerably, with the attackers impersonating State Department officials in an attempt to dupe their colleagues into opening legitimate looking attachments.
When we traveled to sensitive places like Russia, we often received warnings from the Department security officials to leave our BlackBerries, laptopsanything that communicated with the outside worldon the plane, with their batteries removed to prevent foreign intelligence services from compromising them. Even in friendly settings we conducted business under strict security precautions, taking care where and how we read secret material and used our technology. One means of protecting material was to read it inside an opaque tent in a hotel room. In less well equipped settings we were told to improvise by reading sensitive material with a blanket over our head. I felt like I was 10 years old again, reading covertly by flashlight under the covers after bedtime. On more than one occasion I was cautioned not to speak freely in my own hotel room.
And it wasn't just US government agencies and officials who were targets. American companies were also in the crosshairs. I fielded calls from frustrated CEOs complaining about aggressive theft of an intellectual property and trade secrets, even breaches of their home computers. To better focus our efforts against this increasingly serious threat, I appointed the Departments first Coordinator for Cyber Issues in February 2011. - From Hard Choices, by Hillary Rodham Clinton (Apr 28, 2015).
Wow. Good find.
Imagine if she insisted that all official State Department email be left in an unlocked mail box in front of her New York house and how easy it would be to steal top secret information from it.
An IT manager at General Dynamics, where we worked, told me; we get hit about 30,000 times a day. I asked if it was the Chinese. He said, no, mostly from California universities.
The only security failures I am aware of were caused by individual users who violated policies by sending their personal emails to work so they could read them there. They’d introduce viruses that in at least one case, caused IT to shut down the entire multi-divisional intranet. I have no idea what was lost, if anything. The point is that serious breaches can be caused by low level employees not following the rules. I’ve seen people fired for plugging their USB phone charger into their PC.
Imagine what Hillary’s escapade exposed the government to. A black guy asked me enthusiastically what I thought of Hillary. Probably because I was paying him for a job and we were in transit he sat quietly through my half hour response.
PING