NSA employee pleads guilty after stolen classified data landed in Russian hands

A former National Security Agency hacker has admitted to illegally taking highly classified information from the agency’s headquarters, which was later stolen by Russian hackers.
Nghia Pho, 67, a Maryland resident who worked for the NSA’s Tailored Access Operations, the agency’s elite hacking unit, entered a guilty plea on Friday to charges of willful retention of national defense information.
The Justice Dept. confirmed the news in a statement on Friday. The New York Times was first to report the news.
Documents released by the Justice Dept. accuse Pho of removing top secret information from the agency over a five-year period through March 2015.
Pho held some of the highest levels of security clearance at the agency, including sensitive compartmented information and “need to know” clearance, reserved for only a fraction of the agency’s staff.
Although the documents don’t make it clear exactly what specific classified data and records were taken — beyond hard copy and digital files stored in Pho’s residence — several earlier reports have pointed to hacking tools developed for offensive operations launched by the NSA, such as targeting foreign networks and systems for conducting surveillance.
News of the breach was first reported by The Wall Street Journal earlier this year, which said hackers working for Russian intelligence had obtained classified NSA data.
The hackers targeted the then-NSA employee in 2015 when he opened the classified work on his home computer running Kaspersky antivirus software. Russian hackers are said to have targeted the employee after they identified the NSA files through the antivirus software.
The company’s founder Eugene Kaspersky previously said he believes that his company’s products were exploited to obtain files from Pho’s computer.
Kaspersky admitted to collecting and uploading the classified data to its servers in Moscow, but only after several kinds of malware were found on Pho’s computer. (Other antivirus products often upload suspicious data to their servers to analyze.)
Kaspersky, a Moscow-based security company, has repeatedly denied working with the Kremlin to conduct espionage. Eugene Kaspersky told ZDNet this week that his company would “move the business out” of the country if the Russian government asked it to spy.
Pho is expected to be sentenced in April, when he may receive the maximum sentence of ten years in prison. According to the Times, prosecutors are not asking for more than eight years.
The case is one of several major breaches at the NSA since the Edward Snowden disclosures in 2013.
Pho is among three employees to be charged, including Harold Martin, an NSA contractor, who was indicted for removing terabytes of secret data from the agency’s headquarters, and Reality Winner, another contractor, who was indicted this year for leaking classified secrets to news site The Intercept.
Another major breach of data included the agency’s trove of highly classified hacking tools, which were later used to launch a large-scale global ransomware attack. Earlier this year, hackers used the tools to silently infect Windows computers with a backdoor to then launch the WannaCry ransomware.
This week, ZDNet revealed the fifth and most recent breach of NSA data in as many years, including new details about the Ragtime surveillance program, which targets Americans’ data.
Contact me securely
Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755–8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

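A thief inside the house is hard to guard against. For enterprise network security, external threats certainly deserve vigilance, and it is somewhat hard to accept being attacked because internal employees lack information security awareness, yet most security incidents originate from inside.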
