The National Security Agency (NSA) was the main attraction in a major data breach involving three different participants, and as a result, they had to change national security protocols and operations. The NSA is responsible for national security; therefore, it would seem that their systems and security measures would be impenetrable; not true.
Who Was Involved In The NSA Hack?
Harold T. Martin III, Nghia Pho, and a hacker group called the shadow brokers are all suspected of being involved in NSA’s data breach.
Harold T. Martin III was found guilty of insider data breach and stealing piles (50 terabytes) of confidential documents and computer information compiling the most significant data breach of the NSA ever. Although there is no evidence Mr. Martin (an ex contractor for the NSA’s Tailored Access Operations hacking unit) sold or shared the information, it was leaked.
Another contractor, 70-year old Nghia Pho, also was found guilty of stealing the NSA’s most powerful hacking tools and cybersecurity weapons. These were left unprotected on Pho’s computer, and as a result, the NSA had to abandon all operations which used these tools.
Additionally, a hacker group called The Shadow Brokers offered up many of the NSA’s best-kept secrets and hacking tools online. Neither man is directly associated with the Shadow Brokers hacking group, but experts believe they stole the information from one or both of them. The NSA suspects that the Shadow Brokers are a Russian affiliate.
When Did The NSA Data Breach Happen?
The NSA data breach was not a single incident but three linked events. In Mr. Martin’s case, the NSA discovered that he had been stealing information for more than 20 years from the NSA and other security agencies where he worked.
Mr. Pho had been filtering information out of the NSA from 2010 until 2015. The FBI raided his home in December of 2018 and found a massive stash of information in paper and electronic formats. Among the items found were highly classified documents and tools for electronic surveillance. Many were also found in the hands of the hacking outfit The Shadow Brokers. The NSA had no choice but to abandon all operations associated with the stolen tools and information now that they had been compromised.
In 2016, the Shadow Brokers revealed themselves by offering up a collection of NSA-fueled hacking tools on the dark web and social media (Twitter mostly). The offers which occurred over a few weeks/months were in broken English and referenced government tools with the ability to hack into anything.
What Was Done About the NSA Data Breach?
Although Mr. Martin was the NSA’s lead suspect, Shadow Brokers continued to post messages and offer secrets during the time he was detained by the FBI. Edward Snowden (an ex-NSA employee and whistleblower) Tweeted that it was apparent all indications pointed to a Russian connection.
Nghia Pho was sentenced in September of 2019 to five and a half years in prison.
Harold T. Martin III was sentenced in July of 2019 to nine years in prison. He has been held for two and a half years, and that time will count towards his full sentence.
As of now, the NSA still does not have concrete proof of who The Shadow Brokers are and if they are affiliated with Russian spies. They can only theorize and plug the holes left in their security.