A U.S. intelligence worker has been sentenced to prison for transferring top-secret material to a home computer that was allegedly accessed by Russian intelligence through Kaspersky software.
Nghia Hoang Pho, 68, a 10-year veteran of the National Security Agency’s (NSA) elite Tailored Access Operations hacking unit, was sentenced to 66 months in prison on September 25 after pleading guilty in December to willfully retaining classified national defense information.
Authorities discovered that between 2010 and 2015, he had taken home what they called “massive troves” of top-secret data that eventually ended up in the hands of Russian intelligence.
Vietnam-born Pho put the information on his home computer, which was protected by the popular Kaspersky antivirus program.
U.S. authorities believe that Russian intelligence was able to access his computer through Kaspersky.
The leak was one of the most devastating ever for the NSA, one of the U.S. government’s most important spy agencies, and significantly set back its operations against foreign targets’ computers.
“As a result of his actions, Pho compromised some of our country’s most closely held types of intelligence, and forced NSA to abandon important initiatives to protect itself and its operational capabilities, at great economic and operational cost,” said U.S. Attorney Robert Hur.
The incident is believed to be a key reason for the U.S. government’s ban last year on using Kaspersky software on government computers, warning that the company has suspected links to Russian intelligence.
Kaspersky denies any ties to the Russian government or its spies.
In order to function, the Kaspersky program needs a computer owner’s blanket permission to access the machine’s systems.
It then communicates the results of its antivirus scans to Kaspersky headquarters in Moscow.
The Wall Street Journal reported last year that a 2015 penetration of Pho’s computer led to Russian intelligence obtaining information on how the NSA itself infiltrates foreign computer networks and protects itself from cyberattacks.
Kaspersky later confirmed the theft, saying what was stolen included essential source code for so-called Equation Group hacking software from the NSA.