During her press conference at the U.N., Hillary Clinton claimed that the private server she was using was secure because “it was on property guarded by the Secret Service.” But as the WSJ’s James Taranto writes about Mrs. Clinton, “Maybe she’s been watching ‘House of Cards,’ whose second season has a hacking subplot that involves obtaining physical access to a server farm. But of course that’s not how hackers typically operate in the real virtual world.”
Mr. Taranto notes that in a recent article for GeekWire.com, a specialist in both computer security and public relations—Christopher Budd—claims that Hillary’s use of a private server while serving as secretary of state may “represent one of the most serious breaches in data handling that we’ve ever heard of.” Here, Mr. Tarnato lists Mr. Budd’s three reasons:
- The Secretary of State is a very “high value target” from the standpoint of nation-state threat actors. The President, Secretary of Defense and the head of the CIA would also qualify in this top tier. These individuals handle the most important, most sensitive, most dangerous and therefore most interesting information to foreign intelligence.
- Nation-state threat actors represent the top of the food chain in terms of adversaries in information security. Nation-states can bring the most talent and resources to bear in this arena. For all the worry about cybercriminals and terrorists, everyone in information security looks at nation-state threat actors as the most advanced and sophisticated threat to defend against.
- Take #1 and #2 together and you have a situation where the very high value targets are threatened by the most advanced and sophisticated offensive information security capabilities out there. Put another way, the best of the best are gunning for those people to get their information.
The third point is critical: if the best of the best are after your information, you need the best of your best protecting it. And there is simply no way that a “homebrew” server is EVER going to have the security and resources appropriate to defend it adequately.