Skip To Content
BuzzFeed News Home Reporting To You

Utilizamos cookies, próprios e de terceiros, que o reconhecem e identificam como um usuário único, para garantir a melhor experiência de navegação, personalizar conteúdo e anúncios, e melhorar o desempenho do nosso site e serviços. Esses Cookies nos permitem coletar alguns dados pessoais sobre você, como sua ID exclusiva atribuída ao seu dispositivo, endereço de IP, tipo de dispositivo e navegador, conteúdos visualizados ou outras ações realizadas usando nossos serviços, país e idioma selecionados, entre outros. Para saber mais sobre nossa política de cookies, acesse link.

Caso não concorde com o uso cookies dessa forma, você deverá ajustar as configurações de seu navegador ou deixar de acessar o nosso site e serviços. Ao continuar com a navegação em nosso site, você aceita o uso de cookies.

An NSA Hacker's Guilty Plea Closes A Chapter In The Kaspersky Saga

Nghia Hoang Pho, 67, who worked for the NSA, took documents home from work. They ended up in Russia.

Posted on December 1, 2017, at 6:58 p.m. ET

Kirill Kudryavtsev / AFP / Getty Images

An elite National Security Agency hacker has pleaded guilty to illegally taking his work home — and in the process, to have inadvertently provided the Russian government with highly sensitive US hacking tools.

Nghia Hoang Pho, 67, admitted Tuesday to unauthorized possession of classified documents relating to national defense, according to documents the Department of Justice released Friday.

What the documents don't say is that Pho is the government hacker whose computer, according to the New York Times, provided secret NSA code to a controversial Russian cybersecurity firm, Kaspersky Lab, some of whose employees also have worked for Russian intelligence. Pho had installed Kaspersky anti-virus software on his home computer.

Like many anti-virus programs, Kaspersky routinely scans its clients' computers for viruses. In Pho's case, Kaspersky detected the NSA code and sent it to Kaspersky's servers in Moscow for analysis. That analysis matched the new code with code Kaspersky had previously connected to what it has nicknamed the Equation Group – widely believed to be to NSA’s elite Tailored Access Operations division, where Pho worked.

How the code then ended up in Russian hackers' hands is unclear. In October, the Wall Street Journal reported that Russian government hackers had stolen NSA tools from a contractor who had taken them home and viewed them on his home computer, which ran Kaspersky Anti-Virus. Kaspersky has said it believes the NSA tools ended up with hackers when its client turned off his anti-virus software because it was preventing him from generating an encryption key. Kaspersky claims it destroyed the NSA hacking tools when it realized what they were.

In September, the Department of Homeland Security announced a directive that all federal agencies would have to stop using Kaspersky software by Dec. 12.

According to the charges against Pho, he habitually took home both digital and paper files, including ones marked top secret, though he never received authorization to do so.

Pho is not alleged to have given up the files knowingly.

Pho is at least the third NSA worker accused of having illegally taken home classified information in recent years. In 2013, Edward Snowden, an NSA contractor who worked for Booz Allen, stole a cache of agency documents, which he turned over to the news media. In 2016, the Department of Justice charged Hal Martin, also a contractor with Booz Allen, with storing classified NSA documents in his home.

A BuzzFeed News investigation, in partnership with the International Consortium of Investigative Journalists, based on thousands of documents the government didn't want you to see.