Business continuity

Clinton Email Server: Datto Recommended Encryption

Cyber attackers targeted Hillary Clinton's private email server in early 2013, and Datto -- the cloud backup and business continuity provider -- recommended encryption services to protect email and backups from potential attacks, published reports say. The twist: Datto's encryption advice apparently fell on deaf ears, according to published reports.

USA Today stated:

"Hillary Clinton's controversial private email server, which she used during her tenure as secretary of State, was the target of cyberattacks from around the globe and was inadequately protected against such attacks.

Attempted attacks on Clinton's server from China, Germany and South Korea occurred after she left office in early 2013, the Associated Press reports citing a "congressional document."

Although a "threat monitoring" product installed on the network by Clinton employees in October 2013 apparently thwarted the attempts, the server was unprotected for more than three months prior to that.

 expressed concerns over the summer that the system was inadequately protected and vulnerable to hackers, a company official said Wednesday. But the concerns were rebuffed by the company managing the Clinton account, Platte River Networks, which said it had been instructed by the FBI not to make changes. The FBI has been reviewing the security of the e-mail system.

had not been aware that it was handling Clinton e-mails until media reports in August noted Platte River Networks’ involvement with the controversy surrounding the former secretary of state’s e-mails.

Datto officials, worried about the “sensitive high profile nature of the data,” then recommended upgrading security by adding sophisticated encryption technology to its backup systems, said the Datto official, who requested anonymity to discuss an issue involving a client.

The Datto official said there is no evidence the company’s systems had been attacked."

Separately, a detailed Associated Press report says cyber attacks repeatedly targeted Clinton's server in 2014.

Datto has offered encryption technology since at least 2013 -- allowing MSPs or customers to hold the decryption key. That approach ensures the end-customer or the MSP -- rather than Datto -- controls if or how subpoenaed information is turned over to authorities.

Investigation Continues

In an email to ChannelE2E earlier this week, Datto confirmed that it's cooperating with the FBI as the U.S. government seeks more information about Clinton's personal email server.

The Datto statement didn't mention Clinton or her managed services provider (Platte River Networks) by name. To maintain company privacy policies, Datto said it had the "consent of our client and their end user" -- an apparent reference to Platte and Clinton -- to cooperate with the FBI.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.