As news of Hillary Clinton using a private email during her tenure as Secretary of State continues to emerge, TheBlaze has learned that the email domain was hosted by a “consumer grade” company whose data was hacked in 2010, with information being sent to Ukraine. Additionally, data reveals that the domain was hosted at one point in the British Virgin Islands. This, experts say, is a big security no-no.
In this photo taken July 9, 2013, former Secretary of State Hillary Clinton listens as she is introduced to speak at a women's leadership symposium at Bryn Mawr College in Bryn Mawr, Pa. Clinton's effort to carefully craft her post-Cabinet image has hit a few bumps with the latest sexting scandal revelations in the New York City mayoral campaign of Anthony Weiner, the husband of close Clinton aide Huma Abedin, and the SEC investigation roiling the Virginia governor's race of Terry McAuliffe, former chairman of Clinton's 2008 presidential campaign, with both recalling politically problematic chapters of her past. (AP Photo/Matt Rourke)
Domain history data reveals Clintonemail.com was registered in 2009 with Network Solutions, shortly after Clinton was appointed as the nation’s top diplomat. But the decision to host the domain for such a high-profile person on a consumer registrar like Network Solutions is questionable to security experts.
Bill Sweetman, a domain registration expert based in Canada who describes himself as part of the “left-leaning camp,” told TheBlaze Friday that the whole Clinton email controversy has struck him as “naive on the part of the players.”
“If you’re someone that is concerned about security of your data, you don’t go and register your domain name with a consumer-oriented registrar like Network Solutions or GoDaddy,” Sweetman said.
“You would work either with a corporate domain registrar like MarkMonitor or CSC, or you would talk to your employer – in this case the government – about their internal solutions that would protect the domain name and would protect the data associated with it.”
Sweetman isn't alone in thinking this.
Rod Rasmussen, a leading expert on the abuse of domain name systems, wrote in a 2013 column for the trade publication SecurityWeek that any domain managers using a consumer-grade registrar for a "major enterprise" should lose their jobs. Rasmussen wrote the piece after Network Solutions was hacked in 2010, resulting in thousands of domains being transferred to Confluence Networks, a domain registrar traced to the British Virgin Islands.
“When it comes to Internet security, there is absolutely no way major corporations would use consumer grade anti-malware and anti-phishing solutions as a one-stop security solution. So why would major organizations – we’re talking major Fortune 500 companies, government agencies, financial services and critical infrastructure organizations – put their domains in the hands of consumer grade registrars?” Rasmussen wrote.
Among the companies whose domains were moved offshore at the time of Rasmussen's column were organizations like LinkedIn, Fidelity, Craigslist, Yelp and the U.S. Postal Service.
“We have received reports that Network Solutions customers are seeing malicious code added to their websites, and we are really sorry for this experience,” company spokesman Shashi Bellamkonda wrote in a company blog post at the time. Aside from that admission, Rasmussen wrote that Network Solutions has been “tight-lipped” about the details, only adding that the websites of a “small number” of customers were “inadvertently affected for up to several hours.”
Computerworld reported in 2010 that throughout the course of the attack, users of up to 50 domains hosted by Network Solutions were redirected to a Ukrainian attack server.
Historical domain data associated with Clintonemail.com reveals the last recorded change to a Clintonemail.com IP address occurred Dec. 22, 2011. A simple lookup of that particular IP address shows it is hosted in Road Town, British Virgin Islands, although it's unclear whether the offshore IP address is a direct result of the Network Solutions hack.
What's also unclear is whether Clintonemail.com was one of the domains directly involved in the same attack that redirected to a Ukrainian attack server. What is evident, however, is that the security threat posed by Hillary Clinton using a “consumer-grade registrar” for her private email domain, potentially containing classified information, was greater than the threat that could have been posed had she decided to use the State.gov domain.
Since the New York Times broke the story, questions surrounding Clinton’s use of private email have circulated throughout the media and even among some members of her own party. Republicans, especially those who are expected to be considering a 2016 presidential run, have also pounced on the issue. After days of silence, Clinton finally tweeted a response to the controversy Thursday.
I want the public to see my email. I asked State to release them. They said they will review them for release as soon as possible.
— Hillary Clinton (@HillaryClinton) March 5, 2015
Clinton’s successor, Secretary of State John Kerry, told the press during a visit to Saudi Arabia that the review would be conducted “as rapidly as possible,” Reuters reported.
But the review of the nearly 55,000 emails Clinton sent from her private email could take some time, as one State Department official acknowledged: “The review is likely to take several months given the sheer volume of the document set.”