Ex-NSA Hacker Sentenced to Jail Over Kaspersky Leak

A former National Security Agency hacker whose leak of extremely top secret online spying materials led to the US government ban on Kaspersky software was sentenced to 66 months in prison Tuesday.

Nghia Hoang Pho, 68, a 10-year veteran of the NSA’s elite Tailored Access Operations hacking unit, pleaded guilty in December to one count of willful retention of classified national defense information.

Authorities discovered that between 2010 and 2015, he had taken home with him substantial TAO materials, including programs and data, that eventually ended up in the hands of Russian intelligence.

Vietnam-born Pho put the information on his home computer, which was protected by the popular Kaspersky anti-virus program. US authorities believe that Russian intelligence was able to access his computer through Kaspersky.

In order to function, the Kaspersky program needs a computer owner’s blanket permission to access the machine’s systems.

It then communicates the results of its anti-virus scans to Kaspersky headquarters — in Moscow.

The Wall Street Journal reported last year that the 2015 penetration of Pho’s computer led to the Russians obtaining information on how the NSA itself infiltrates foreign computer networks and protects itself from cyberattacks.

Kaspersky itself later confirmed the theft, saying what was stolen included essential source code for so-called Equation Group hacking software from the NSA.

The leak was one of the most devastating ever for the NSA, one of the US government’s most important spy agencies, and significantly set back its operations against foreign targets’ computers.

“As a result of his actions, Pho compromised some of our country’s most closely held types of intelligence, and forced NSA to abandon important initiatives to protect itself and its operational capabilities, at great economic and operational cost,” said US Attorney Robert Hur.

The incident was a key reason for the US government’s ban on using Kaspersky anti-virus software on government computers, warning that the company has suspect links to Russian intelligence.

Kaspersky denies any ties to the Russian government or its spies.

Related: Russian Hackers Exploited Kaspersky Software to Steal NSA Exploits

Related: The Increasing Effect of Geopolitics on Cybersecurity