CrosswordNewsletters
DAILY BEAST
ALL
  • Cheat Sheet
  • Obsessed
  • Politics
  • Crime
  • Entertainment
  • Media
  • Innovation
  • Opinion
  • World
  • U.S. News
  • Scouted
CHEAT SHEET
    POLITICS
    • Fever Dreams
    • Biden World
    • Elections
    • Opinion
    • National Security
    • Congress
    • Pay Dirt
    • The New Abnormal
    • Right Richter
    • Trumpland
    MEDIA
    • Confider
    • Daytime Talk
    • Late-Night
    • Fox News
    U.S. NEWS
    • Identities
    • Crime
    • Race
    • LGBT
    • Extremism
    • Coronavirus
    WORLD
    • Russia
    • Europe
    • China
    • Middle East
    INNOVATION
    • Science
    TRAVEL
      ENTERTAINMENT
      • TV
      • Movies
      • Music
      • Comedy
      • Sports
      • Sex
      • TDBs Obsessed
      • Awards Shows
      • The Last Laugh
      CULTURE
      • Power Trip
      • Fashion
      • Books
      • Royalist
      TECH
      • Disinformation
      SCOUTED
      • Clothing
      • Technology
      • Beauty
      • Home
      • Pets
      • Kitchen
      • Fitness
      • I'm Looking For
      BEST PICKS
      • Best VPNs
      • Best Gaming PCs
      • Best Air Fryers
      COUPONS
      • Vistaprint Coupons
      • Ulta Coupons
      • Office Depot Coupons
      • Adidas Promo Codes
      • Walmart Promo Codes
      • H&M Coupons
      • Spanx Promo Codes
      • StubHub Promo Codes
      Products
      NewslettersPodcastsCrosswordsSubscription
      FOLLOW US
      GOT A TIP?

      SEARCH

      HOMEPAGE
      Disinformation

      NSA Coder Jailed for Smuggling Secrets That Wound Up In Russian Hands

      MOSCOW MULE

      A mysterious hacker clan. A controversial Russian cybersecurity firm. A top-secret developer with sticky fingers. They all came together in a case that met its climax Tuesday.

      Kevin Poulsen

      Sr. National Security Correspondent

      Updated Sep. 26, 2018 3:01AM ET / Published Sep. 25, 2018 4:11PM ET 

      A former developer for the National Security Agency’s elite Tailored Access Operations hacking group was sentenced in Baltimore Tuesday to five years and six months in prison for bringing home highly classified attack tools and documents that wound up in the hands of a Russian security company.

      Nghia Hoang Pho, 70, pleaded guilty last October to a federal charge of Willful Retention of Classified Information. Beginning in 2010, Pho smuggled government hacking tools and classified documents from the NSA’s Maryland headquarters work from home after hours. The security breach led to a bizarre incident in 2015 in which Moscow-based Kaspersky Lab slurped up classified documents and source code from Pho’s home computer, which was running the company’s anti-virus software. The U.S. has since banned Kaspersky products from government networks, partially as a result of that incident.

      Kaspersky has acknowledged copying Pho’s secret files, but described the incident as an unintended byproduct of its routine malware scanning. Pho’s cache included the source code for an NSA hacking tool that Kaspersky’s product properly detected and flagged for analysis. Kaspersky wound up with classified documents as well, because they were bundled with the code in a ZIP archive. Company founder Eugene Kaspersky ordered his researchers to delete their copy of the documents and code in 2015, the company asserted in a blog post last year, adding that the material “was not shared with any third parties.”

      “Pho came to the NSA’s attention after a massive leak of attack code by a hacking group called the Shadow Brokers. Their identity remains a mystery, but security experts have named Russia’s intelligence services as the most likely culprit.”

      The sentence is less than the minimum six-and-a-half years recommended by federal sentencing guidelines. Prosecutors sought the recommended maximum term of eight years.

      Last month, another NSA contractor received roughly the same sentence for leaking a single document to a news outlet. Reality Winner, 26, was sentenced to 5 years, 3 months in prison for revealing that Russia attempted to hack election-related systems in the U.S. in 2016. The same information was later declassified and included in Robert Mueller’s indictment of Russian intelligence officers.

      In a court filing last March, then-NSA director Mike Rogers said Pho’s actions “placed at risk some of NSA's most sophisticated, hard to achieve and important techniques” of electronic spying, and forced the NSA “abandon certain important initiatives, at great economic and operational cost."

      “In addition, NSA was faced with the crucial and arduous task of accounting for all of the exposed classified materials, including Top Secret information,” Rogers wrote. “These efforts were tremendously expensive and diverted critical resources away from NSA's intelligence-gathering mission, including the development of new and innovative ways to conduct signals intelligence.”

      Pho came to the NSA’s and FBI’s attention as they investigated a massive leak of NSA attack code by a self-described hacking group called the Shadow Brokers, who started publishing the agency’s secrets in the final months of the Obama administration, and increased in frequency and impact after the U.S. bombing of a Syrian airfield in April last year. The most harmful leak, on April 14 of last year, included an exploit against Windows machines that was quickly harnessed by the North Korean government to launch the massive WannaCry ransomware attack.

      The Shadow Brokers’ identity remains a mystery, but security experts have named Russia’s intelligence services as the most likely culprit. “Circumstantial evidence and conventional wisdom indicates Russian responsibility,” exiled NSA whistleblower Edward Snowden tweeted last August. “Why did they do it? No one knows, but I suspect this is more diplomacy than intelligence, related to the escalation around the [Democratic National Committee] hack.”

      The same Shadow Brokers investigation led the FBI to an NSA contractor named Hal Martin, who, like Pho, worked in the agency’s hacking unit. Martin was found hoarding two decades of agency secrets in his Maryland home. He is scheduled for trial in June 2019. Neither Pho nor Martin have been accused of deliberately passing the NSA’s secrets to outsiders.

      The investigation apparently failed to solve its central mystery though, and the source of the Shadow Brokers’ material has still not been determined, or if it has, it’s a secret. For their part, the Shadow Brokers were last heard from in October 2017.

      Kevin Poulsen

      Sr. National Security Correspondent

      @kpoulsen

      Got a tip? Send it to The Daily Beast here.

      READ THIS LIST

      DAILY BEAST
      • Cheat Sheet
      • Politics
      • Entertainment
      • Media
      • World
      • Innovation
      • U.S. News
      • Scouted
      • Travel
      • Subscription
      • Crossword
      • Newsletters
      • Podcasts
      • About
      • Contact
      • Tips
      • Jobs
      • Advertise
      • Help
      • Privacy
      • Code of Ethics & Standards
      • Diversity
      • Terms & Conditions
      • Copyright & Trademark
      • Sitemap
      • Best Picks
      • Coupons
      • Coupons:
      • Dick's Sporting Goods Coupons
      • HP Coupon Codes
      • Chewy Promo Codes
      • Nordstrom Rack Coupons
      • NordVPN Coupons
      • JCPenny Coupons
      • Nordstrom Coupons
      • Samsung Promo Coupons
      • Home Depot Coupons
      • Hotwire Promo Codes
      • eBay Coupons
      • Ashley Furniture Promo Codes
      © 2023 The Daily Beast Company LLC