Nghia Hoang Pho, a former developer for the US National Security Agency (NSA) was sentenced 5.5 years by Baltimore US district court on Tuesday 25 September for taking home classified information. Nghia Hoang Pho is a naturalized immigrant from Vietnam who was hired in 2006 by the NSA to work on their Tailed Access Operations (TAO) division. Through his time at the NSA Pho took home approximately 5 years’ worth of both hard copies and digital versions of classified documents. Pho maintains that his actions had no malicious intent, but the NSA testifies that this is a serious breach in security. Pho’s machine was also breached in 2014 in what is believed to be a Russian state sponsored attack to gain NSA information. It is believed the compromise happened then Pho installed a pirated version of Office 2013. Through installing this software Pho’s computer was infected with a Smoke Bot and Smoke Loader, named Mokes backdoor, a Trojan that steals information. Pho plead guilty to the charges of unlawfully bringing home sensitive NSA information and housing it on his computer, where it was ultimately stolen by Russian sate sponsored actors. Russian security company Kaspersky Lab came under scrutiny after it was alleged that their security software, installed on Pho’s home computer, forwarded the information into the hands of the Russian state once their toolset flagged up something interesting. They deny these allegations. The NSA is under mounting scrutiny to protect its information as a matter of national security with Pho being the third such NSA employee in recent years to be charged with mishandling of NSA data. The others being Edward Snowden’s infamous leaks, and the actions of the hacking crew Shadow Brokers. Pho will serve 66 months in prison, before taking 3 years of supervised release once his prison terms has been served.
For more tutorials, news, and resources on hacking and cybersecurity, visit our blog at DarkbyteGear.com.