Biography
2018: Sentence of 5.5 years in prison for the leak of a cyber weapon to the benefit of Kaspersky Lab
In September 2018, former NSA programmer Nghia Hoang Pho, 68, was sentenced to five and a half years in prison for allowing the leak of confidential cyber-military tools. In December, Pho pleaded guilty to deliberate unauthorized copying of classified information relating to national security.[1]
In 2015 Pho worked as a programmer in the NSA division responsible for operational penetration of adversary computer networks (Tailored Access Operations, TAO), which develops tools for conducting intelligence activities in cyberspace; in other words, it creates exploits and malware. By some accounts, TAO is one of the largest divisions within the NSA: 1000 military and civilian employees are involved in its work.
Pho's offense was that he repeatedly took confidential materials home with him to continue working on them there. By his own admission, he did this for five years, and as a result a significant amount of information marked "confidential" accumulated on his personal computer.
Then, in 2015, something happened that Pho did not expect: the copy of Kaspersky Lab antivirus installed on his home computer detected the malicious tools, and since Pho's computer was most likely connected to the Kaspersky Security Network service, the antivirus automatically sent copies of these tools for analysis.
The subsequent chain of events was extremely unfortunate for all parties. The USA concluded that the arrival of NSA exploits in Kaspersky Lab's analysis systems was the result of a leak and that these tools had ended up in the hands of the Russian intelligence agencies. This was followed by accusations that the company cooperated with the Russian intelligence agencies, and by numerous sanctions. In particular, Kaspersky Lab lost the opportunity to work with government organizations of the USA and some other countries. The head of the company, Evgeny Kaspersky, even offered to provide the source code of the company's products to the U.S. Congress for analysis, so that everyone could be convinced that they contain no "espionage" functionality. The offer was not heeded, and the pressure on the company continued.
At the end of 2017 Kaspersky Lab published its version of events. The company acknowledged that NSA malware and some accompanying classified documents reached the company's infrastructure for analysis, simply because that was the declared functionality of the product.
"Information that was presumably confidential was received by experts because it was contained in an archive to which the solution reacted on the basis of Equation signatures. In addition to malware, the archive also contained source code of the Equation group's software and four text documents with security classifications. Kaspersky Lab has no information on the contents of these documents, as they were deleted after receipt," says the company.[2]
The company categorically denies transferring this source code and these documents to third parties, noting that "an unknown number of third parties could have had access to Pho's computer". According to the investigation results, there was a backdoor on Pho's system whose command-and-control servers belong to a Chinese organization. The company's publication does not say why the Kaspersky Lab product failed to neutralize this backdoor.
In October 2017, Evgeny Kaspersky said in an interview[3] that the incident in fact occurred in 2014. When it became clear that secret data had reached the analysts, Kaspersky personally ordered it to be deleted immediately.
At the beginning of 2015 Kaspersky Lab published the results of its research into the activity of the hypothetical Equation group[4]. The company's experts said, in particular, that Equation "has interacted for many years with other influential groups, for example with those behind Stuxnet and Flame, and every time from a position of superiority".
Later a consensus formed in the industry that Equation Group is directly connected with the NSA; the data stolen and published by Edward Snowden, in particular, also pointed to this.
Several months later Kaspersky Lab also announced a prolonged cyber attack on its own infrastructure using the malicious Duqu 2.0 platform. At the time the company declined to identify the Duqu/Duqu 2.0 operators, but rumors later circulated that Israeli cyber intelligence was behind the attack[5] and that the Duqu 2.0 incident was directly connected with Kaspersky Lab's investigation of Equation Group.
In 2016 a scandalous leak of the Equation tools took place: the previously unknown group The Shadow Brokers offered them for sale and even published some of them openly. These exploits were subsequently used in several large-scale cyber attacks. In particular, the WannaCry ransomware epidemic became possible precisely because it used some of the Equation exploits to spread.
Thus, the leak of "NSA tools" led to everyone starting to use them.
"The U.S. authorities obviously decided to punish Pho as a lesson to everyone else," says Dmitry Gvozdev, the CEO of the company Information Technologies of the Future. "Comparable sentences were received earlier by Reality Winner, another NSA contractor, who also passed confidential data to the media, and by Chelsea/Bradley Manning, who gave WikiLeaks 750 thousand confidential documents. However, Winner and Manning acted deliberately, while Pho's actions fall under the definition of criminal negligence. Nevertheless, the consequences of his error are global in nature. Moreover, they will be felt around the world for several years."
Notes
- [1] NSA dev in the clink for 5.5 years after letting Kaspersky, allegedly Russia slurp US exploits
- [2] Kaspersky Lab published the complete results of its internal investigation of the incident with the Equation software source code
- [3] Interview with the Associated Press
- [4] Equation group: The Death Star of the Malware Galaxy
- [5] Duqu 2.0: computer virus 'linked to Israel' found at Iran nuclear talks venue