State Dep't defends handling of classified, sensitive info
The State Department is defending its handling of classified and sensitive information against statements by the FBI director that the department doesn't handle such information as well as other government agencies.
"What I can tell you is, we don't share the broad assessment that there's a lax culture here at the State Department when it comes to dealing with classified information," department spokesman John Kirby said. "Quite the contrary. We take it very seriously."
FBI Director James Comey said Tuesday the State Department is "generally lacking in the kind of care for classified information that is found elsewhere in the U.S. government," echoing findings of multiple previous reviews of cybersecurity at the State Department under former Secretary of State Hillary Clinton.
Comey condemned the State Department's security culture as he announced that the FBI was recommending against criminal charges for Clinton's use of a homebrew email system.
He said Clinton and her aides were "extremely careless in their handling of very sensitive, highly classified information."
Comey's criticism of Clinton renewed long-simmering questions about the security of State Department information under Clinton's watch.
The State Department's compliance with federal cybersecurity standards was below average when Clinton became secretary of state in 2009 and got worse in each year of her tenure, according to an annual report card compiled by the White House, based on audits by agency watchdogs last year. And previous reviews found that the department's unclassified email system was breached by hackers linked to Russia in 2014 who stole an unspecified number of emails.
In each year from 2011 to 2014, the State Department's poor cybersecurity was identified by the agency's inspector general as a "significant deficiency" that put the department's information at risk.
Two successive inspectors general found serious problems with the department's cybersecurity efforts, including in December 2013 when Inspector General Steve Linick issued a "management alert" warning top department officials that repeated failures to correct cybersecurity holes put the department's data at risk.
The hack from Russia was so deep that State's email system had to be cut off from the Internet last year while experts worked to eliminate the infestation.
Clinton did approve significant increases in the State Department' information technology budgets while she was secretary, but senior State Department officials have said she did not spend much time on the department's cyber vulnerabilities. Her emails show she was aware of State's technological shortcomings, but was focused more on diplomacy.
And it's clear from her own emails that Clinton regarded government information technology systems as substandard and worked to avoid them.
"State's technology is so antiquated that NO ONE uses a State-issued laptop and even high officials routinely end up using their home email accounts to be able to get their work done quickly and effectively," top Clinton aide Ann-Marie Slaughter wrote in an email to Clinton on June 3, 2011.
Clinton has apologized for her use of a private email server for official business and her campaign reiterated that again after Comey's announcement. Clinton has said her server had "numerous safeguards," but she hasn't detailed if it received appropriate software security updates or if it was monitored routinely for unauthorized access. In October, the AP discovered it was connected to the internet in ways that made it vulnerable to attack.
Comey said there's no "direct evidence" that Clinton's server was successfully hacked, but he said the FBI "would be unlikely to see such direct evidence" because of the nature of the services and the "actors potentially involved." But the FBI did find that hackers were able to get into the email accounts of people she regularly corresponded with.
© 2016 The Associated Press. All rights reserved.