The FBI is investigating Hillary Clinton’s private email server out of its headquarters in Washington, D.C., in an “unusual move,” The New York Times reported.
“Nearly all [FBI] investigations are assigned to one of the bureau’s 56 field offices,” according to The Times.
“But given this inquiry’s importance, senior F.B.I. officials have opted to keep it closely held in Washington in the agency’s counterintelligence section, which investigates how national security secrets are handled.”
Though Clinton’s use of a private email address was not illegal and was permitted by State Department rules, the federal government has standards for how servers are built, how they are secured, and how their data is stored.
The FBI is looking into the configuration of the server that Clinton handed over to authorities.
Clinton has insisted that she never sent or received classified information at the time that it was classified, and there has been no evidence that she broke the law.
However, the intelligence community’s inspector general, Charles McCullough III, told Congress last week that he discovered two emails sent to Clinton that contained information classified as “Top Secret/Sensitive Compartmented Information,” which is the government’s highest levels of classification.
‘They’re worried about it’
Those two emails were drawn out of a batch of 40 emails randomly selected from about 30,000 “work-related” emails Clinton turned over to the State Department.
Some of the information — such as communications intercepted via satellite or drone — is protected under the law 18USC798, which means that they have even tighter rules and higher penalties.
Massimo Calabresi of Time notes that the law “makes it a crime not just to knowingly mishandle such secrets, but also to use them ‘in any manner prejudicial to the safety or interest of the United States.'”
Consequently, a senior intelligence official familiar with the case told Time, the FBI’s investigation “will go way beyond what the intelligence community’s Inspector General ever would do.”
The FBI is seeking to determine who at the State Department passed highly classified information to Clinton’s account in 2009 and 2011. Given the FBI involvement, the Clinton campaign is getting nervous as the investigation intensifies.
“They’re worried about it,” a longtime Clinton adviser and confidant told The Washington Post. “They don’t know where it goes. That’s the problem.”
‘How did they secure it?’
Clinton’s unusual email system was originally set up by a staffer during Clinton’s 2008 presidential campaign, replacing a server used by her husband, former President Bill Clinton.
The new server was run by Bryan Pagliano, who had worked as the IT director on Hillary Clinton’s campaign before joining the State Department in May 2009. In 2013 — the same year she left the State Department — Clinton hired the Denver-based company Platte River Networks to oversee the system.
Facing criticism earlier this year for exclusively using a private server during her time as secretary of state, Clinton handed over 30,000 work-related emails for the State Department to make public. She also deleted 31,000 emails that she says were personal.
It’s unclear if any sensitive information was stored on the server while under Platte River’s oversight. Platte River “is not cleared” to have access to classified material, Cindy McGovern, chief public affairs officer for the Defense Security Service, told The Daily Caller.
In any case, the decision to hire Platte River to secure the system is facing scrutiny.
“My big issue here is do you want a small firm with little/no government experience or contracting (according to what’s being reported) and no stated security expertise to be in charge of the email system for our [former] secretary of state?” Cybersecurity expert Alex McGeorge of Immunity, Inc. told Business Insider over email.
“That is fundamentally ridiculous.”
Among the questions McGeorge has, and that will likely be investigated by the FBI, are: “How did they secure it? Were they monitoring it for intrusion? If so, how? Were there backups? If so, what kind and how often, and where are those backups now? What kind of security testing did they do, if any? Was the system subject to a penetration test by a third party? Is that report available?”
The Times notes that the FBI “is also trying to determine whether foreign powers, especially China or Russia, gained access to Mrs. Clinton’s private server, although at this point, any security breaches are speculation.”