Analyst Who Accidentally Leaked NSA Software Given Five More Years In Prison Than General Who Handed Classified Info To His Mistress
from the 'somebodies'-score-another-win-over-the-'nobodies' dept
An NSA employee will be headed to prison for inadvertently exposing the agency’s malware stash.
Nghia Hoang Pho, 68, of Ellicott City, Maryland, and a naturalized U.S. citizen originally of Vietnam, was sentenced today to 66 months in prison, to be followed by three years of supervised release, for willful retention of classified national defense information. According to court documents, Pho removed massive troves of highly classified national defense information without authorization and kept it at his home.
Pho’s leaks were different than other NSA leaks. First reported last year by a couple of press outlets, the NSA TAO (Tailored Access Operations) tools were exposed to the outside world by anti-virus software , which correctly labeled it as malware. These malware samples drew the attention of hackers who then targeted Pho’s laptop to exfiltrate NSA hacking tools. The NSA exploits and malware made their way into the public domain, kicking off a crippling wave of ransomware that has since been repurposed to mine for cryptocurrency on infected computers.
The DOJ’s press release has a lot to say about the seriousness of the offense and the seriousness of the FBI in tracking down government employees who carelessly handle classified code. In particular, it offers up this self-serving garbage to justify locking someone up for taking their work home with them.
“Pho’s intentional, reckless and illegal retention of highly classified information over the course of almost five years placed at risk our intelligence community’s capabilities and methods, rendering some of them unusable,” said Assistant Attorney General Demers. “Today’s sentence reaffirms the expectations that the government places on those who have sworn to safeguard our nation’s secrets. I would like to thank the agents, analysts and prosecutors whose hard work brought this result.
This sentence does nothing of the sort. To those not closely watching these things (i.e., people who’d never read this press release in the first place), it may seem like the DOJ is serving up justice. But for those of us who’ve seen certain people — like General Petraeus — mishandle classified info in a much more egregious fashion (giving his mistress, and biographer, access to top secret info) and walk away from it pretty much unscathed, this statement from the DOJ is not just hollow. It’s hypocritical.
Even the judge handling the case saw through the DOJ’s double standard. Josh Gerstein of Politico reports the judge had plenty to say about the DOJ’s prosecutorial efforts, especially in light of the fact Pho never directly gave anyone else access to the NSA’s classified hacking stash.
[O]ne of the most striking aspects of Tuesday’s sentencing was [Judge George] Russell’s lament that top government officials seem to have escaped with little more than a slap on the wrist for engaging in similar behavior.
Russell seemed particularly perturbed that former CIA Director David Petraeus managed to get probation after admitting he kept highly classified information in his home without permission, shared it with his girlfriend and lied to investigators.
“Did he do one day in prison?” the clearly frustrated judge asked. “Not one day. … What happened there? I don’t know. The powerful win over the powerless? … The people at the top can, like, do whatever they want to do and walk away.”
It’s nice to hear this from a judge, even if there’s nothing the judge can actually do about it. Russell could only sentence Pho, not clawback Petraeus’ unearned freedom and post-conviction cakewalk. Judge Russell might be less willing to help the government apply its sentencing double standard in the future, but his statements to the DOJ have probably only assured the agency will try to steer clear of his court in the future.