By Shaun Nichols
2nd December 2017
An NSA hacker has admitted taking home copies of classified software exploits – understood to be the cyber-weapons slurped from an agency worker’s home Windows PC by Kaspersky Labs’ antivirus.
Nghia Hoang Pho, 67, pleaded guilty in a US district court in Baltimore on Friday to one count of willful retention of national defense information. The Vietnam-born American citizen, who lives in Ellicott City, Maryland, faces roughly six to eight years in the clink, with sentencing set for April next year.
Pho is understood to be the Tailored Access Operations (TAO) programmer whose home computer was running Kaspersky Lab software that was allegedly used, one way or another, by Russian authorities to steal top-secret NSA documents and tools in 2015.
According to Kaspersky, its security package running on the PC detected Pho’s copies of the NSA exploits as new malicious software, and uploaded the powerful spyware to its cloud for further analysis by its researchers. The biz deleted its copy of the archive as soon as it realized what it had discovered, it is claimed. It is further alleged by US government sources that Russian spies were able to get their hands on the top-secret code via the antivirus package, although Kaspersky denies any direct involvement.
Judging from his plea deal with prosectors, Pho broke federal law when, as a developer on the NSA’s TAO hacking team, he took his work home with him multiple times and, in the process, exposed the classified information. Pho admitted that, over a five-year period starting in 2010, he copied information from NSA machines and took it all home with him.