Vietnamese American Nghia Hoang Pho, 70, of Ellicot City, Maryland, entered a guilty plea on 1 December 2017 to the charge of taking national defence information home from 2010 to 2015 and retaining it at his residence.
Prosecutors had sought a jail term of at least eight years for Pho, while his own counsel had request no jail time, but a long period of home confinement. Pho has claimed he took the classified material home so he could craft a review that would bring a pay hike which would increase his income when he retired.
I think Pho's sentence is excessive. Yes, Pho was dumb. No, he doesn't deserve this. I've said it before: Pho's superiors and team members knew he was taking home classified (or should have). He deserves to lose his retirement and maybe a short sentence. Not this. 10/10— Jake Williams (@MalwareJake) September 25, 2018
The NSA exploits are claimed to have leaked to the Russians through Pho's use of Kaspersky Lab's anti-virus software; like any A-V solution, the software uploads suspicious files to a server for later analysis and when it encountered the NSA files on this man's machine, it did the same.
How the Russians obtained these exploits is a mystery though the obvious implication has been that after they reached Kaspersky's Moscow offices, they were handed over to government hackers. Kaspersky has denied any involvement.
One more ex-NSA man, Harold Martin, is yet to be sentenced after being arrested for a similar offence as Pho: taking NSA data home. Martin pleaded guilty to the charge of illegal retention of information relating to US national security in January.
Announcing Pho's sentence, Assistant Attorney-General for National Security John Demers said: "Pho’s intentional, reckless and illegal retention of highly classified information over the course of almost five years placed at risk our intelligence community’s capabilities and methods, rendering some of them unusable.
“Today’s sentence reaffirms the expectations that the government places on those who have sworn to safeguard our nation’s secrets."
US Attorney for the District of Maryland Robert Hur said: “Removing and retaining such highly classified material displays a total disregard of Pho’s oath and promise to protect our nation’s national security.
“As a result of his actions, Pho compromised some of our country’s most closely held types of intelligence, and forced NSA to abandon important initiatives to protect itself and its operational capabilities, at great economic and operational cost.”
Special Agent in Charge Gordon Johnson of the FBI’s Baltimore Field Office said: “The privilege of working for the US Intelligence Community requires strict adherence to laws governing the lawful secrecy of its work.
“We cannot have a functioning Intelligence Community without the protection of sources and methods, and taking classified information and placing it in a vulnerable setting has profound and often disastrous consequences.
"This case is a clarion call to all security clearance holders to follow the law and policy regarding classified information storage. The FBI will leave no stone unturned to investigate those who compromise or mishandle classified information.”