Hillary Clinton not only used a personal blackberry as secretary of state that was less secure than the government-issued device she was never issued, but she also reportedly used her less secure device “in foreign countries where State Department employees are routinely cautioned about the use of mobile devices,” which increased the national security threat.
According to a Politico review of photos from press pool reports, Clinton used her blackberry in countries like Vietnam, Brazil, and South Korea. Martin Libicki, “a cybersecurity expert and senior scientist at the Rand Corporation,” told the outlet that “the risk of targeted theft of an official’s data is greatest in nations with telecoms that are owned or largely controlled by the government” because “state-aligned hackers could pull any unencrypted data, such as the metadata connected with a phone call, straight off the cell towers.”
Politico reported that in Vietnam, for instance, “there’s a concern Chinese government hackers could pull information from the Vietnamese government-owned telecom — either through an intelligence-sharing agreement with Vietnam or because Vietnamese officials make little effort to keep Chinese spies out of their networks.”
The outlet also noted that “the most important component for BlackBerry security is the BlackBerry Enterprise Server, a piece of ‘middleware’ that encrypts email and securely connects other applications with the BlackBerry handset, making it significantly more secure than the basic BlackBerry an average consumer might buy.” Though “these systems are typically bought by organizations,” they “can also be bought — at great expense — by individuals or families with major security concerns,” and security experts said the first question they would want answered about Hillary Clinton’s private blackberry is whether she had the Enterprise Server.
Government-issued blackberries are much more secure since the security of BlackBerry systems “is dependent on roughly 600 ‘IT policies’ — essentially security measures that can be switched on or off,” and “the more switches that are turned on, the more secure the device or network of devices will be,” according to a blackberry expert interviewed by Politico.
Security experts noted that “individuals generally turn on far fewer of those security measures and take more security shortcuts than would IT professionals charged with keeping State Department information out of the hands of foreign hackers.”
Though Clinton claimed that she did not have security breaches, a recent Verizon report “found it takes companies roughly a month on average to discover they’ve been breached, even with complex security and a team of staffers.” Stephen Perciballi, “a systems security engineer who previously worked for Softchoice, a major BlackBerry retailer for government and industry,” said that “he’d want a team of specialized forensic analysts to personally inspect the network and emails” to see if Clinton’s emails were hacked.
Even if Clinton never sent classified material over her personal email account, as she claimed, former counter-intelligence officials noted that “even unclassified communications involving the secretary of state would be useful intelligence for another nation’s spy service” because “something as simple as the frequency with which Clinton emailed different state officials or other Cabinet secretaries could provide insight into how a particular policy is being developed.”