HOW DO YOU remotely hack a computer that is not connected to the internet? Most of the time you can’t, which is why so-called air-gapped computers are considered more secure than others.The military actually uses several different systems for different levels and types of classification. By far the biggest one is the SIPRnet, which handles information rated SECRET and below. The SIPRnet is huge, comprising thousands of computers across the globe, but it is connected at no point to the commercial internet. Because of the dangers of removable media like thumbdrives, those are forbidden to be connected to the SIPRnet. The computers themselves have to be physically secured, usually by being kept on a military base.
An air-gapped computer is one that is neither connected to the internet nor connected to other systems that are connected to the internet.... A true air gap means the machine or network is physically isolated from the internet, and data can only pass to it via a USB flash drive, other removable media, or a firewire connecting two computers directly. But many companies insist that a network or system is sufficiently air-gapped even if it is only separated from other computers or networks by a software firewall. Such firewalls, however, can be breached if the code has security holes or if the firewalls are configured insecurely.
If you want to move data from the internet into the SIPRnet, or vice-versa, it used to be possible by writing the data to a writable CD, transferring the data, and then breaking the CD to ensure that copy was destroyed. You could only do this legally with unclassified information. I don't know that CDs are even still allowed, meaning that data has to be physically re-typed from one system to the other (which is what we usually did when porting unclassified information, such as news reports relevant to our operations, into the SIPRnet). Then there is no danger of transferring any hidden malware.
Smaller and more secure systems handle Top Secret information, such as JWICS. Being kept on a base isn't good enough for a JWICS computer: it has to be kept locked in a proper SCIF. In addition, of course, it's password protected and requires a physical card identifying the user that is itself coded with information about your security clearance.
So how did this classified information get out of the classified, air-gapped networks and onto Clinton's server in the first place? There are really only two possibilities.
1) Someone, or a team of someones, illegally downloaded the material onto removable media, stripped it of its classification markings, and transmitted it onto the public internet.
2) Clinton arranged to have her private server networked with SECRET and TOP SECRET systems, compromising the security of all the information kept on those systems. If you could hack into her system, which was secured by a truly first-rate organization that made copies of the data and then sold the server on which they resided, you could bypass the air gap and get into nearly all of America's most classified data.
Option (1) is a clear felony, one that would have required numerous man-hours of labor given the number of classified records now turning up. It would have been fairly tedious, too, which means that the work would be passed down to flunkies who probably don't want to go to prison forever -- but their records of accessing the data just before the emails were sent on Clinton's private server will be recorded, because they had to log in and be physically present with their ID cards to do it. It should be possible to find these people and apply pressure to them until they crack and cooperate in return for reduced sentences.
Option (2) is a disaster of unimaginable proportions. However, it would have made it very easy for Clinton to access the information and move data back and forth between her private system and the systems used to communicate with her diplomats in the field. For that reason, I suspect it will prove to be the one she actually employed.