Another swampling bites the dust. Sixty-eight-year-old Nghia Pho, an NSA engineer, has been officially sentenced to more than five years for stealing top-secret information and hacking tools from the government. Pho, who did have the right security clearance, pilfered hacking tools used by the U.S. Government in exercises targeting terrorists, foreign governments and U.S. adversaries, taking them to his home.
• Even the simple act of removing the tools from government property is illegal, but that isn’t where the issue stopped. Instead of doing homework, it appears Pho attempted to offload the tools into the hands of a shady black market trader known as Shadow Brokers.
• Shadow Brokers is well-known for international intelligence trades and other unscrupulous Deep Web behavior. Little is known about exactly who they are or what ties they have to other governments, although we do have a few hints. Past investigations reveal potential ties to Russia, North Korea, and a long list of other US adversaries — and even a few hackers right here on home soil.
• After Shadow Brokers got their hands on the tools, they attempted to sell them off to the highest bidder on multiple websites. It isn’t clear whether the tools simply wouldn’t sell or they felt the risk of discovery became too high, but they did eventually pull the auction down, exposing them publicly instead.
• Pho’s sentence, although deserved, is a bit unusual and doesn’t hold much precedence. A previous case in which CIA director John Deutch kept top-secret information on a home computer was completely pardoned by President Obama. CIA Director David Petraeus was also charged with the same transgression, yet received only probation and little else.
• The difference may be in the fact that Pho’s tools weren’t just stored at home; they managed to find their way into the hands of brokers who could instantly deliver them to the very U.S. adversaries they were designed to target. This effectively renders the tools obsolete.
• The theft also increases risk for NSA operatives and exercises currently relying on the tools. The NSA, represented by Director Adm. Mike Rogers, informed the courts that it had “abandoned a series of initiatives” after Pho’s theft rendered them vulnerable. Prosecutor Thomas Windom called the events “devastating” for the NSA.
• Pho admits to taking the tools, but claims it was in an effort to improve his performance only. “I admit it,” he explained, “but I do not betray the U.S.A. I do not betray this country. … I do not send anything to anybody or on the internet. I do not make profit on this information. … I cannot damage this country.”
• Unfortunately, there is at least some evidence that he may be telling the truth. It appears Shadow Brokers may have accessed the information through an exploit in Kaspersky virus software — an exploit the company has since admitted to and even fixed. But it was still Pho who put the data at risk in the first place.