SecurityWeek

Ex-NSA Hacker Sentenced to Jail Over Kaspersky Leak

A former National Security Agency hacker whose leak of extremely top secret online spying materials led to the US government ban on Kaspersky software was sentenced to 66 months in prison Tuesday.

Nghia Hoang Pho, 68, a 10-year veteran of the NSA’s elite Tailored Access Operations hacking unit, pleaded guilty in December to one count of willful retention of classified national defense information.

Authorities discovered that between 2010 and 2015, he had taken home with him substantial TAO materials, including programs and data, that eventually ended up in the hands of Russian intelligence.

Vietnam-born Pho put the information on his home computer, which was protected by the popular Kaspersky anti-virus program. US authorities believe that Russian intelligence was able to access his computer through Kaspersky.

In order to function, the Kaspersky program needs a computer owner’s blanket permission to access the machine’s systems.

It then communicates the results of its anti-virus scans to Kaspersky headquarters — in Moscow.

The Wall Street Journal reported last year that the 2015 penetration of Pho’s computer led to the Russians obtaining information on how the NSA itself infiltrates foreign computer networks and protects itself from cyberattacks.

Kaspersky itself later confirmed the theft, saying what was stolen included essential source code for so-called Equation Group hacking software from the NSA.

The leak was one of the most devastating ever for the NSA, one of the US government’s most important spy agencies, and significantly set back its operations against foreign targets’ computers.

“As a result of his actions, Pho compromised some of our country’s most closely held types of intelligence, and forced NSA to abandon important initiatives to protect itself and its operational capabilities, at great economic and operational cost,” said US Attorney Robert Hur.

The incident was a key reason for the US government’s ban on using Kaspersky anti-virus software on government computers, warning that the company has suspect links to Russian intelligence.

Kaspersky denies any ties to the Russian government or its spies.

Related: Russian Hackers Exploited Kaspersky Software to Steal NSA Exploits

Related: The Increasing Effect of Geopolitics on Cybersecurity 

Written By

AFP 2023
