Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.
posted by martyb on Thursday September 27 2018, @04:39PM   Printer-friendly
from the me-and-my-shadow...brokers dept.

NSA employee who brought hacking tools home sentenced to 66 months in prison

Nghia Hoang Pho, a 68-year-old former National Security Agency employee who worked in the NSA's Tailored Access Operations (TAO) division, was sentenced today to 66 months in prison for willful, unauthorized removal and retention of classified documents and material from his workplace—material that included hacking tools that were likely part of the code dumped by the individual or group known as Shadowbrokers in the summer of 2016.

Pho, a naturalized US citizen from Vietnam and a resident of Ellicott City, Maryland, had pleaded guilty to bringing home materials after being caught in a sweep by the NSA following the Shadowbrokers leaks. He will face three years of supervised release after serving his sentence. His attorney had requested home detention.

In a letter sent to the court in March, former NSA Director Admiral Mike Rogers told Judge George Russell that the materials removed from the NSA by Pho "had significant negative impacts on the NSA mission, the NSA workforce, and the Intelligence Community as a whole." The materials Pho removed, Rogers wrote, included:

[S]ome of NSA's most sophisticated, hard-to-achieve, and important techniques of collecting [signals intelligence] from sophisticated targets of the NSA, including collection that is crucial to decision makers when answering some of the Nation's highest-priority questions... Techniques of the kind Mr. Pho was entrusted to protect, yet removed from secure space, are force multipliers, allowing for intelligence collection in a multitude of environments around the globe and spanning a wide range of security topics. Compromise of one technique can place many opportunities for intelligence collection and national security insight at risk.

Previously: Former NSA Employee Nghia Pho Pleads Guilty to Willful Retention of National Defense Information

Related: "The Shadow Brokers" Claim to Have Hacked NSA
The Shadow Brokers Identify Hundreds of Targets Allegedly Hacked by the NSA
Former NSA Contractor May Have Stolen 75% of TAO's Elite Hacking Tools
Former NSA Contractor Harold Martin Indicted


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by Snotnose on Thursday September 27 2018, @06:40PM (9 children)

    by Snotnose (1623) on Thursday September 27 2018, @06:40PM (#740941)

    Yep, that tends to happen when you don't actually break any laws.

    You've never held a security clearance, have you? Those of us who have at some point can't understand why HRC didn't get locked up for her transgressions.

    It seems like more and more I'm not voting for someone, I'm voting against someone else. I couldn't stomach either HRC nor Trump, so I went for Gary Johnson. Now I'm in the middle of this Duncan Hunter kerfluffle and I'm gonna have to vote for his opponent just because ol Dunc is either grossly stupid, grossly incompetent, or grossly corrupt. Kid ruined his dad's reputation, that's for sure.

    --
    I hate it when I see an old person, then realize we went to high school together.
    Starting Score:    1  point
    Moderation   +2  
       Informative=2, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 2) by DeathMonkey on Thursday September 27 2018, @07:57PM (6 children)

    by DeathMonkey (1380) on Thursday September 27 2018, @07:57PM (#740998) Journal

    Holding a security clearance makes you an expert on federal law?

    No, I think the FBI is the relevant expert here and they said they couldn't deomnstrate intent, which is required by the law, not your little certification.

    • (Score: 2) by Snotnose on Thursday September 27 2018, @08:20PM (1 child)

      by Snotnose (1623) on Thursday September 27 2018, @08:20PM (#741015)

      No, I think the FBI is the relevant expert here and they said they couldn't deomnstrate intent, which is required by the law, not your little certification.

      No, the FBI didn't want to interfere with a presidential election weeks before election day. Comey clearly thought she should be prosecuted but decided not to.

      Had that server been found 18 months earlier I have no doubt HRC would have ended up in jail. Well, that's not true. I like to think so, but there is a part of me that says "nope, too powerful, never happen".

      --
      I hate it when I see an old person, then realize we went to high school together.
      • (Score: 2) by bzipitidoo on Friday September 28 2018, @10:35AM

        by bzipitidoo (4388) on Friday September 28 2018, @10:35AM (#741266) Journal

        Are you kidding? Comey most certainly did interfere with the election by making grave accusations against HRC a few days before the election.

        Anyway, this whole discussion about government security sounds naive. Every low level worker with a security clearance is keenly aware that the government has the power to put their ass in jail. That threat gets implied on a near daily basis. Mistakes and failures could be construed as treason. Someone else's mistakes and failures can be pinned on them. If too much is asked of them, expectations are too high, and they've been handed an impossible task, the eventual failure includes the risk that in as part of being forced to take the fall, they'll be jailed. It makes for a nervous work environment. And so, one of the top priorities of most any government intelligence worker is Cover Your Ass. As part of CYA, one thing they like to do is slap security restrictions on everything, treat basic scientific knowledge as national secrets.

        And, oh yes, they want to keep a tight grip on everything. They like to keep computers inside. Carrying a disc or a flash drive out is a big no-no. A rather weird restriction is that you are not to use encryption on any computers assigned to you, not without prior authorization. If you're sending encrypted traffic over the network, how would they know whether it's sensitive info? So, the simplest solution is that you're not allowed to use encryption at all. Not sure how they've squared that with the recent move to https everywhere. Yeah, the paranoia level can get pretty high. If it was possible, they'd make you remove and check your brain into storage at the exit, when you went home for the night.

        For an example of how ridiculous it can get, there's a scene in the movie Hidden Figures, which is set in the 1950s during the times of the Red Scare, in which one of the workers is accused of being a spy for the Commies. She was denied some info she needed to do some work that was asked of her, and found the info out anyway. It's pretty obvious the accusation was motivated by the desire of another worker to cover his ass (he was responsible for keeping the info secret), and he probably wouldn't have minded if she'd been fired or even jailed. Fortunately for her, the boss was more interested in accomplishing things, and wasn't about to encourage any Communist witch hunts on his watch.

    • (Score: 2, Insightful) by Anonymous Coward on Thursday September 27 2018, @08:29PM (3 children)

      by Anonymous Coward on Thursday September 27 2018, @08:29PM (#741020)

      no, if you held a clearance you would know all of the training that those of us with clearances have to go through, and would know of the similar instances in which we've seen the book thrown at coworkers for much more benign offenses. You would know how untruthful Clinton was during the entire investigation and after because there is absolutely no earthly way she didn't know what she was doing was extremely wrong. Sure, you can look up a law... but do you know the details about clearances and classification? Do you know what it's like working in those environments and what safeguards are in place? Do you know how those affect those laws? I doubt it.

      • (Score: 0) by Anonymous Coward on Thursday September 27 2018, @08:43PM (2 children)

        by Anonymous Coward on Thursday September 27 2018, @08:43PM (#741026)

        DeathMonkey's world is so simple: "Trump is Hitler, Democrats give a shit about me, and Hillary ought to have been queen."

        • (Score: 3, Touché) by PartTimeZombie on Thursday September 27 2018, @09:16PM (1 child)

          by PartTimeZombie (4827) on Thursday September 27 2018, @09:16PM (#741042)

          If you're going to post that sort of flamebait nonsense, the least you could do is log on.

          • (Score: 2, Informative) by Azuma Hazuki on Thursday September 27 2018, @10:24PM

            by Azuma Hazuki (5086) on Thursday September 27 2018, @10:24PM (#741073) Journal

            Butbutbut then you might DOX HIM!!!!111one! At least, that seemed to be the concern last time *I* asked one of these anonymous jerkoffs to find his or her gonads and put a username behind their bullshit...

            --
            I am "that girl" your mother warned you about...
  • (Score: 1, Informative) by Anonymous Coward on Thursday September 27 2018, @08:20PM

    by Anonymous Coward on Thursday September 27 2018, @08:20PM (#741016)

    I would like a bit of public commentary on why his supervisor, the security desk personnel, etc aren't being fired, censured, or criminally prosecuted for letting this happen. Just based on the details of the story I have read/heard, it sounds very possible he was tacitly being allowed to do this in order to get more work done than he could in the normal clocked in workday, and that someone higher up was allowing it to help benefit their own career over the safety and security of one of the most pivotal and politically dangerous of our security arms.

    I know for a fact the big semiconductor companies checked every person's documents and belongings both on entering and exiting the building for exactly these kind of situations, and that was for personnel without direct access to the companies highly secure documentation or resources.

  • (Score: 2, Informative) by Anonymous Coward on Thursday September 27 2018, @08:32PM

    by Anonymous Coward on Thursday September 27 2018, @08:32PM (#741021)

    You've never held a security clearance, have you? Those of us who have at some point can't understand why HRC didn't get locked up for her transgressions.

    Are you sure you've had a clearance? You don't talk like somebody who has. Usually the "standard" punishment for mishandling of classified information would have been to have her clearances stripped, and possibly being disallowed to work on future work in the government (the exact level of this disbarring is debatable). The main time prison gets thrown about is when a person is actively giving or selling these secrets around, not merely for (blatant) mishandling.

    Admittedly there is a strong argument for throwing her in jail for evading transparency laws (*cough* Trump *cough*), but that's different than her mishandling of classified information.