WASHINGTON — The State Department was among the worst agencies in the federal government at protecting its computer networks while Hillary Clinton was secretary from 2009 to 2013, a situation that deteriorated as John Kerry took office and Russian hackers breached the department’s e-mail system, according to independent audits and interviews.
The State Department’s compliance with federal cybersecurity standards was below average when Clinton took over but grew worse in each year of her tenure, according to an annual report card compiled by the White House based on audits by agency watchdogs. Network security continued to slip after Kerry replaced Clinton in February 2013 and remains substandard, according to the State Department inspector general.
In each year from 2011 to 2014, the State Department’s poor cybersecurity was identified by the inspector general as a “significant deficiency” that put the department’s information at risk. The latest assessment is due to be published in a few weeks.
State Department officials don’t dispute the compliance shortcomings identified in years of internal audits but argue that the audits paint a distorted picture of their cybersecurity, which they depict as solid and improving. They strongly disagree with the White House ranking that puts them behind most other government agencies.
