There’s some evidence that Hillary Clinton relied on personal infrastructure for “convenience.” There is also speculation of less innocent intentions. Let’s focus on the convenience angle.
Clinton was subject to IT policy that made it difficult to conduct business in her role as Secretary of State. To be fair, she did what many of us might do in a similar situation and worked around the problem.
There are lessons to be learned here by IT policy makers: Are your policies hindering the effective workflows of your staff? If so, your staff will find ways around these policies, often in ways that subvert the security of your organization beyond what the original measures were introduced to mitigate.
Regarding the attacker motivations, we know as a fact that foreign state-sponsored attackers are working actively to compromise U.S. government, private, and public institution assets. They range from hobbyist attackers working alone and small groups to well-funded, supported, and organized teams.
The attackers are interested in assets that are directly located on their compromise boundary: correspondence between staffers, Clinton, diplomats, strategy around U.S. foreign policy, and so on. In addition, attackers seek to leverage transitive trust relationships between entities to increase their compromise boundaries and access more attractive assets.