Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

7/5/2016
12:00 PM
50%
50%

Comey: No Evidence Clinton Email Server Was Hacked, But Still 'Possible'

The FBI does not recommend charges against Hillary Clinton after investigation into use of her personal email server.

The FBI today said it found no evidence that hackers had infiltrated the email servers of Hillary Clinton but FBI director James Comey said the department concludes that it's still "possible" sophisticated attackers could have done so undetected.

Comey in a press briefing today detailed the findings today of the FBI's investigation into Clinton's controversial use of a private email server during her tenure as US Secretary of State. The FBI recommended that no criminal charges be filed in the wake of the investigation, because there was no evidence of wrongdoing or criminal intent. But according to Comey, Clinton and her staff were “extremely careless” in their email practices.

While the FBI found no "direct evidence" of a "successful" breach of Clinton's email domain, Comey said the likely sophisticated attackers would not necessarily have been visible. "Given the nature of the system and of the actors potentially involved ... [investigators] were unlikely to see" those attacks, he said. 

The FBI also concluded that hackers did gain access to commercial email accounts of other users with whom she corresponded regularly. 

Given Clinton's practice of sending and receiving email in the "territory of sophisticated adversaries," it's "possible that hostile actors gained access to Secretary Clinton's personal email account," Comey said.

See the full text of Comey's briefing here.

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
theb0x
100%
0%
theb0x,
User Rank: Ninja
7/11/2016 | 8:31:15 AM
Email
What a great idea! Lets put an email server in the bathroom!
ebm
50%
50%
ebm,
User Rank: Apprentice
7/6/2016 | 11:31:26 AM
No Evidence Clinton Email Server Was Hacked, But Still 'Possible'
By the time Clinton turned over the email server the evidence of a hacker attack could of been wiped from the server just like the 'Personal Email'

What is really scarry is that our top goverment IT people did not know or take action while this was going on.
paulno
50%
50%
paulno,
User Rank: Apprentice
7/6/2016 | 11:20:12 AM
Re: No Evidence Clinton Email Server Was Hacked, But Still 'Possible'
Yes it's disturbing but I'm not surprised as it's a common "game" for years. And moreover it seems there's a rise of such actions for few weeks : for example some stole Marc Zuckerberg's (Facebook creator) Twitter account and also the Quora page of Google director. Billion of passwords have been stolen on Linkedin as well. Linkedin, the biggest professionnal social network in the world. I wonder if a similar problem didn't occured with Obama few years ago but I'm not sure. And why ? Most of the time only because chosen passwords are extremely easy to find, even for basic hackers... In the case of Clinton I guess consequences can be much more serious though and could even be a thorn in her campaign.
Kelly Jackson Higgins
100%
0%
Kelly Jackson Higgins,
User Rank: Strategist
7/5/2016 | 3:33:32 PM
Colin Powell's comments
Here's what Colin Powell previously said about the server issue:

http://www.darkreading.com/risk/gen-colin-powell-triage-the-cyber-threats/d/d-id/1322675
GonzSTL
100%
0%
GonzSTL,
User Rank: Ninja
7/5/2016 | 12:53:52 PM
No Evidence Clinton Email Server Was Hacked, But Still 'Possible'
What a colossal disservice to the nation, and a terrible precedent for information security! So many security protocols ignored and breached, and at such a high level of government!
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20619
PUBLISHED: 2021-01-19
Cross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2020-29450
PUBLISHED: 2021-01-19
Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the avatar upload feature. The affected versions are before version 7.2.0.
CVE-2020-36192
PUBLISHED: 2021-01-18
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues (either marked as Private, or part of a private Project), if they are attached to an existing Changeset. The information is visible on the view.php p...
CVE-2020-36193
PUBLISHED: 2021-01-18
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.