Security Market Segment LS
Wednesday, 26 September 2018 07:52

Ex-NSA hacker gets 5½ years for taking exploits home

Ex-NSA hacker gets 5½ years for taking exploits home Pixabay

A former member of the NSA's elite Tailored Access Operations unit has been sentenced to 5½ years in jail, followed by three years of supervised release, for what the US Justice Department has characterised as "willfull retention of classified national defence information".

Vietnamese American Nghia Hoang Pho, 70, of Ellicot City, Maryland, entered a guilty plea on 1 December 2017 to the charge of taking national defence information home from 2010 to 2015 and retaining it at his residence.

Prosecutors had sought a jail term of at least eight years for Pho, while his own counsel had request no jail time, but a long period of home confinement. Pho has claimed he took the classified material home so he could craft a review that would bring a pay hike which would increase his income when he retired.

There had been hints after Pho's arrest that he may be the source who unwittingly leaked NSA exploits to a group known as Shadow Brokers which exposed them on the Web.

No connection was shown between Pho and the Shadow Brokers, but there has been at least one media report that claimed exploits from Pho's PC had been exfiltrated by Russian hackers who then released them, either through the Shadow Brokers or by themselves under the same name.

The NSA exploits are claimed to have leaked to the Russians through Pho's use of Kaspersky Lab's anti-virus software; like any A-V solution, the software uploads suspicious files to a server for later analysis and when it encountered the NSA files on this man's machine, it did the same.

How the Russians obtained these exploits is a mystery though the obvious implication has been that after they reached Kaspersky's Moscow offices, they were handed over to government hackers. Kaspersky has denied any involvement.

One more ex-NSA man, Harold Martin, is yet to be sentenced after being arrested for a similar offence as Pho: taking NSA data home. Martin pleaded guilty to the charge of illegal retention of information relating to US national security in January.

Announcing Pho's sentence, Assistant Attorney-General for National Security John Demers said: "Pho’s intentional, reckless and illegal retention of highly classified information over the course of almost five years placed at risk our intelligence community’s capabilities and methods, rendering some of them unusable.

“Today’s sentence reaffirms the expectations that the government places on those who have sworn to safeguard our nation’s secrets."

US Attorney for the District of Maryland Robert Hur said: “Removing and retaining such highly classified material displays a total disregard of Pho’s oath and promise to protect our nation’s national security.

“As a result of his actions, Pho compromised some of our country’s most closely held types of intelligence, and forced NSA to abandon important initiatives to protect itself and its operational capabilities, at great economic and operational cost.”

Special Agent in Charge Gordon Johnson of the FBI’s Baltimore Field Office said: “The privilege of working for the US Intelligence Community requires strict adherence to laws governing the lawful secrecy of its work.

“We cannot have a functioning Intelligence Community without the protection of sources and methods, and taking classified information and placing it in a vulnerable setting has profound and often disastrous consequences.

"This case is a clarion call to all security clearance holders to follow the law and policy regarding classified information storage. The FBI will leave no stone unturned to investigate those who compromise or mishandle classified information.”

Subscribe to ITWIRE UPDATE Newsletter here

Active Vs. Passive DWDM Solutions

An active approach to your growing optical transport network & connectivity needs.

Building dark fibre network infrastructure using WDM technology used to be considered a complex challenge that only carriers have the means to implement.

This has led many enterprises to build passive networks, which are inferior in quality and ultimately limit their future growth.

Why are passive solutions considered inferior? And what makes active solutions great?

Read more about these two solutions, and how PacketLight fits into all this.


WEBINAR INVITE 8th & 10th September: 5G Performing At The Edge

Don't miss the only 5G and edge performance-focused event in the industry!

Edge computing will play a critical part within digital transformation initiatives across every industry sector. It promises operational speed and efficiency, improved customer service, and reduced operational costs.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

But these technologies will only reach their full potential with assured delivery and performance – with a trust model in place.

With this in mind, we are pleased to announce a two-part digital event, sponsored by Accedian, on the 8th & 10th of September titled 5G: Performing at the Edge.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News