In what’s being called “a remarkable spy-vs.-spy twist,” a National Security Agency employee pleaded guilty to violating the Espionage Act after Israeli cyber spies tipped off the agency about a security breach.
Nghia Hoang Pho faces an eight-year sentence for willful detention of national defense information for working at home without authorization on sensitive hacking tools, The Washington Post reported.
Pho was nabbed because he used Kaspersky Lab anti-virus software, which is banned on federal government computers out of fear that it could enable Russian government spying — Kaspersky is a Russian firm.
More from The Post:
Pho, a naturalized citizen, worked as a developer in Tailored Access Operations (TAO), the agency’s elite hacking unit, which gathers intelligence by penetrating the computers of foreign governments and other targets overseas. The unit is now called Computer Network Operations.
He held various clearances, and former officials said he had no malicious intent in working on the tools at home. But the breach violated protocols and conditions for holding a security clearance. According to a court document, from 2010 to March 2015, Pho removed classified material in hard copy and digital form.
Israeli government hackers had compromised Kaspersky’s network and detected hacking-tool signatures that they recognized as the NSA’s and alerted the agency, the newspaper reported.
Pho, 67, was removed from his position in 2015 as a result of this.
Stephen M. Schenning, acting U.S. attorney in Maryland, said Pho’s “conduct cannot and will not be tolerated.”
“The facts supporting this criminal charge and guilty plea display a total disregard of the defendant’s oath and promise to protect our nation’s national security,” Schenning said.
A TOA contractor, Harold T. Martin III, was charged with violating the Espionage Act earlier this year for taking classified tools and other material home over several years, the paper reported. He has pleaded not guilty.
Congress and the Pentagon are greatly concerned about the NSA’s loss of control over its sensitive hacking tools, according to The Post.
Hacking tools similar to those taken by Martin were part of an August 2016 release by a group called the Shadow Brokers. Investigators suspect the Russian government is behind that release, though they have no proof to substantiate the claim.
Latest posts by Tom Tillison (see all)
- ‘Get your facts straight!’ Testy Chris Wallace jumps all over Katie Pavlich - January 27, 2020
- Mark Levin offers a sober take on Bolton’s likely strategy – and motivation - January 27, 2020
- Texas Democrats set out to win control of state, have new strategy to pull it off - January 27, 2020