One has to wonder how retired Admiral Kirby, the State Department spokesperson is gonna spin all the mess noted below.
Hillary Clinton last month signed a certification of all emails being turned over and back to the State Department. Now there is a signature and possible perjury condition.
Are the phone calls flying to the White House demanding ‘executive privilege’ for Hillary and her team?
In part from the DailyCaller and good research team: Former Secretary of State Hillary Clinton’s use of a private email server to conduct official diplomatic business created many national security problems, but they may pale by comparison with the wreckage she left behind in her department’s main digital information security office.
Harold W. Geisel, the State Department’s acting Inspector General, issued eight scathing audits and investigation reports during Clinton’s tenure, repeatedly warning about worsening problems and growing security weaknesses within the Bureau of Information Resource Management, according to a Daily Caller News Foundation investigation.
Geisel’s critical comments about the deficiencies throughout IRM carry additional weight since he was not considered an “independent” IG. Watchdog groups noted Geisel had served as a U.S. Ambassador for Hillary’s husband, President Clinton, and had never been confirmed by the U.S. Senate.
In fact, President Obama did not nominate an IG to the State Department during Clinton’s entire term. It was only in September 2013 that the Senate finally confirmed Geisel’s successor, Steve Linick, who currently occupies the the post.
After Clinton left the State Department in 2013, Linick quickly undertook remedial action to save the IRM. Barely two months after his Senate confirmation, he issued a “management alert” to State Department leadership, warning that IRM’s languishing security deficiencies since 2010 were still there.
“The department has yet to report externally on or correct many of the existing significant deficiencies, thereby leading to continuing undue risk in the management of information,” Linick said.
A spokesman for the Clinton campaign did not respond Sunday to a request for comment.
Clinton put Bryan Pagliano, her 2008 presidential campaign IT director, in the IRM in early 2009 as a “strategic advisor” who reported to the department’s deputy chief information officer. Pagliano had no prior national security experience or a national security clearance.
The seriousness of Clinton’s failure was summarized in a 2012 audit that warned, “the weakened security controls could adversely affect the confidentiality, integrity, and availability of information and information systems” used by U.S. officials around the world.
Geisel’s July 2013 inspection report issued after Clinton’s departure was so damning that the IRM became the butt of caustic comments throughout the IT world.
Network World, an IT review site, for example, headlined one of its articles on the issue with “FAIL: Your Tax Dollars at Play: the US State Department’s Bureau of Information of Resource Mis-Management.” The article charged that the IRM had become “a total joke.”
Another news outlet told its readers that the editors would “like to be able to tell you what the IRM does, but a new report from the Office of Inspector General concludes that it doesn’t really do anything.”
IRM “is evidently an aimless, over-funded LAN party with no real boss or reason to exist,” concluded reporter Jordan Brochette when the 2013 IG report was released.
Scott Amey, general counsel for the Project on Government Oversight, reviewed the IG reports for DCNF and concluded that “State’s IT security record is littered with questionable management, insecure systems, poor contract oversight, and inadequate training. The State IG’s reviews show a pattern of significant deficiencies and few, if any, corrections.”
Geisel issued his first audit of IRM in November 2009, eight months into Clinton’s term. It also was the first audit issued after Pagliano arrived at the bureau. Geisel identified many serious IT security deficiencies that year. Unfortunately, most of the problems would continue to be uncorrected throughout Clinton’s term.
One troubling observation early in Clinton’s secretaryship was that the IG found the State Department and even embassy chiefs of mission suffering from a lack of IT security training, including the lack of “security awareness training.”
The lack of IT security awareness by top State Department officials may partly explain why Clinton and her top aides saw no problems with the use of a personal email server. (RELATED: Fmr. CIA Head: Hillary’s Email Server Was Compromised By Foreign Intel Services)
Geisel also warned in late 2009 that at the IRM, he found “there were no Standard Operating Procedures (SOP) for managing IT-related security weaknesses.”
In an audit about IRM in February 2010, the IG reviewed how well IRM officials were implementing Secretary Rice’s 2007 modernization and consolidation progam.
It was in this 2010 audit that the first hints emerged of poor management at the IRM. Geisel concluded the bureau’s leadership failed to satisfy vulnerable IRM field staff deployed at embassies and consulates. He called them IRM’s “customers.”
The IG “found a significant level of customer dissatisfaction among bureaus about the quality and timeliness of IT services after consolidation.”
In November 2010 Geisel issued yet another warning about shortcomings within IRM. In this report, the IG repeated that IRM “needed to make significant improvements” to address “security weaknesses,”
Once again, he emphasized that IRM had failed in providing mandatory “security awareness training” to all top security personnel. He also noted a failure to require all contractors to undergo mandatory security authorization.
“The department did not identify all employees who had significant security responsibilities and provide specialized training,” the IG charged.
The IG discovered other worrisome problems in 2010. It found officials failed to provide corrective patches for security problems in a third of the cases examined by his office. The IG also pointed to more than 1,000 “guest” IT accounts within the department’s IT systems that could provide entry paths for hackers.
Geisel further reported that the IRM had 8,000 unused email accounts and that department officials never changed the passwords on 600 active email embassy and consulate accounts.
There were also “24 of 25 Windows systems tested [that] were not compliant with the security configuration guidance.”
The damning IG reports continued in July 2011 when Geisel detailed serious problems afflicting a new IRM program called eDiplomacy that Clinton unveiled earlier that year.
Geisel was blunt: “eDiplomacy lacks a clear, agreed-upon mission statement that defines key goals and objectives. With the absence of performance measurement process, management has few means to evaluate, control, budget, and measure the success of its projects.”
Geisel painted an alarmingly negative assessment in a November 2011 audit on the IRM’s overall information security program. Specific details were redacted but the report warned for the first time of “additional security breaches,” saying “we identified weaknesses that significantly impact the information security program controls. If these control weaknesses are exploited, the department could be exposed to additional security breaches. Collectively, these control weaknesses represent a significant deficiency.”
If the breaches weren’t quickly fixed, the consequences would be harmful to “the confidentiality, integrity, and availability of information and information systems.” Complete summary here.
*** Then there is the Clinton Foundation and the proven interaction of the State Department with the Clinton Charity:
Clinton Aide Shared Classified Information With Foundation, Email Shows
FreeBeacon: A member of Hillary Clinton’s staff at the Department of State emailed classified information about the government in Congo to a staffer at the Clinton Foundation in 2012, according to a copy of the correspondence obtained by the Washington Free Beacon.
Cheryl Mills, Clinton’s chief of staff at the State Department, sent the email to the Clinton Foundation’s foreign policy director, Amitabh Desai, on July 12, 2012.
The message, which was originally obtained by the group Citizens United through a public records request, is partially redacted because it includes “foreign government information” that has been classified as “Confidential” by the State Department.
Although the information was not marked classified by the State Department until this past summer, intelligence sources tell the Free Beacon that it would have been classified at the time Mills sent it because “foreign government information” is considered classified from inception.
The message could add to concerns from congressional and FBI investigators about whether former Secretary Clinton and her aides mishandled classified information while at the State Department.
The email, which discussed the relationship between the governments in Rwanda and the Democratic Republic of Congo, was originally drafted by Johnnie Carson, the State Department’s assistant secretary for African affairs, who sent it to Mills’ State Department email address.
Mills later forwarded the full message to Desai along with “talking points for Presient [sic] Clinton” shortly before Bill Clinton was scheduled to visit the region.
About half of the forwarded message was redacted due to its classified nature before the State Department released it to Citizens United last month. Although it is not clear what the redacted section includes, the State Department said in a court motion filed last week that it “concerns both foreign government information and critical aspects of U.S. foreign relations, including U.S. foreign activities carried out by officials of the U.S. Government.”
The State Department added that the “disclosure of this information has the potential to damage and inject friction into our bilateral relationship with African countries whose cooperation is important to U.S. national security.”
The Clinton Foundation and the State Department did not respond to request for comment about the email, or say whether Desai—a non-government employee who has worked at the foundation since 2007—would have been authorized to view “Confidential” information.
Mills currently sits on the board of the Clinton Foundation. She previously served on the board until a month after she joined the State Department in 2009.
An attorney for Mills said that she never knowingly transmitted classified information, and would presume that any information sent to her unclassified State Department email address—as opposed to through the department’s secure email system—was unclassified.
“When a subject matter sent the information on the unclassified system, [Mills] presumed it was unclassified,” said the attorney. ”She never knowingly transmitted classified information.”
Mills’ spokesperson also disputed the notion that the information would have been classified when it was sent. The attorney said that some information is not deemed classified until it is transmitted outside of the State Department.
“Information that is considered unclassified when discussed inside the State Department can later be deemed classified when it is being released outside of the Department,” said the attorney.
Intelligence experts have told the Free Beacon and other media outlets that “foreign government information” is one of the few categories of information that is automatically presumed classified from the time the U.S. government receives it, because it is so diplomatically sensitive.
Foreign government information is “born classified,” J. William Leonard, a former director of the U.S. Information Security Oversight Office, told Reuters in August.
The controversy over Clinton’s use of a private email server while at the State Department has been dogging her presidential bid since it was first revealed by the New York Times earlier this spring.
The Democratic frontrunner has turned over many of her emails in response to a State Department request and congressional inquiries. However, she has said that any emails that were deemed “personal” were deleted from her server.
The FBI is currently attempting to recover the deleted emails as part of an investigation into her server, according to reports.
Clinton declined to say whether the FBI investigation could uncover additional damaging revelations, during an interview with Chuck Todd of Meet the Press on Sunday.
“All I can tell you is that when my attorneys conducted this exhaustive process [of deleting personal emails], I did not participate,” said Clinton.
Clinton is scheduled to testify before Congress on the email issue in October.
Citizens United president David Bossie said the latest news reveals the ways in which the Clintons’s various interests intersect.
“The tangled web that is Clinton, Inc.—the State Department, the Clinton Foundation, and Teneo—is coming more and more into focus every day. Classified information moving from the State Department to the Clinton Foundation is extremely problematic—we’ll see if there’s a pattern here,” Bossie said.