(2022 Update) In trouble for checking personal e-mail at work

In 2015 I commented on this story for Archer News. The story was about then Sec. Jeh Johnson using a personal email account while at work. Sec. Jeh Johnson would go on to admit he had given permission to upwards of 28 staffers to use personal email. Including he was also using personal email in a public admission. And that he had come to understand the security risk.

Quote from the original article below

Originally published 2015

“They have an exception process for allowing what he did, and I can think of more than one reason why the Secretary of Homeland Security wouldn’t want communication methods to be documented,” said Daniel Lance with Archer Security.
“You have to try showing misuse in these cases. Even if intelligence information was in transit on these private accounts, who are we to say that the oversight committee hasn’t stumbled upon an intelligence project at the higher levels of our national security?” he asked.
https://archerint.com/in-trouble-for-checking-personal-e-mail-at-work/

(2022 Update) My theory that this was part of an intelligence operation is mostly validated.

Hillary Clinton / Email-Gate

The story about checking personal email at work broke in March 2015 before we knew about the Hillary Clinton “email-gate” were a private server containing 30,000 emails that had been deleted was being used for official government business and that should have been part of the public record. This is notable because Jeh Johnson was a huge proponent of the Russian collusion narrative that started with the 2016 election integrity claims from the Democratic National Convention (DNC) and the Clinton campaign. A “hack” that was later posted to WikiLeaks would reveal the DNC had colluded with the Clinton campaign to “rig” the DNC presidential primary for Hillary Clinton. Crowd Strike would be brought in to investigate the DNC hack, and was the only entity given access to the servers in question directing the FBI in their investigation.

Special Note on Crowd Strike’s involvement: I have no privileged information on this. I am only sighting the public record. Lots of incorrect information has been published about the involvement of Crowd Strike. One example is from the AP that can be found here. Please review the video below and use your own judgment:

FBI requested DNC servers multiple times, and denied – James Comey

Russian Collusion

Jeh Johnson would go on to support the idea the 2016 election had been stolen and hacked by Russia shortly after the election, and later revised his position on this statement. No significant evidence was ever found even though a FISA Court had upheld and renewed warrants for investigation of the Trump campaign and Trump family utilizing the most sophisticated intelligence apparatus to inspect the communication of a sitting president and his family, at one point Donald Trump Jr. was alleged to have committed capital treason due to this, although again no evidence was found or supplied to support the claims against Don, Jr.

John Brennan Connection

Jeh Johnson was one of just eight signatures recommending John Brennan during confirmation in 2013. John Brennan would admit ‘there were mistakes made’ in FISA applications, and suggested FBI was ‘overly aggressive’ during the Foreign Intelligence Surveillance Act (FISA) application process during the Russia collusion investigation. He was recommended by the very peers that were supporting a false narrative that would later see an FBI agent charged with forgery for creating evidence that would continue to support the FISA investigation into Trump and family.

John Brennan testifies before the House Intelligence Committee Russian Investigation Task Force.

Just a coincidence?

In cyber security we often refer to TTP (Tactics Techniques and Procedures) when you spend large portions of time working in intelligence, evasion techniques become somewhat obvious. However it is generally difficult to learn a completely new way of working when we are trying to cover our tracks, I don’t believe today there is any coincidence between numerous staffers needing private email access and the series of events that followed including large swaths of missing data that should have been under legal hold even outside the possession of the federal government due to their content, nature, and the people they were serving as public officials. I think what we might have stumbled upon here as we’ve been chasing cyber security issues for years in the public sector was a initiative not unlike a formal intelligence operation. But one which required audit-ability and accountability to be minimal. 18 months after my initial comments were made on the story of Jeh Johnson and staff using personal email accounts for official business, it was assured the content of those conversations would not be fully recovered.

This smelled like an intel operation because it was one. However it was one that needed to be carried out against members of Congress, Senator Bernie Sanders, The Trump campaign and Trump family. The focus of use of this private email within DHS is still unknown however judicial watch was successful in obtaining 200+ emails from Jeh Johnson’s personal email via petitioning the courts for a preservation order. The emails are a wide range of government communication including something that looks like insider information on Lockheed Martin receiving a contract.

Political Football

I acknowledge this has become a political football for many people. My concern is and always has been the truth and if misuse can be proven on data that has been deleted or obscured. It is a topic of Cyber Security and Infrastructure, my professional opinion is one of an apolitical observer following what turned into a massive misstep for many people and organizations involved.

Some of those private emails

B-6 = redacted. The freedom of information request act B-6 indicates multiple areas of the documents that could not be released due to current investigations pending. This often times includes sender and body.