Ransomware tool causing chaos in Baltimore was developed by NSA

300 malicious websites were blocked in Kazakhstan

A recent spate of ransomware attacks in Baltimore and other
U.S. cities has been executed using a tool developed by the National Security
Agency (NSA). Thousands of people in Baltimore have been locked out of their
computers in the past three weeks, causing disruption across the city. And this
has been enabled by a piece of software created by the NSA, according to a
report in the New York Times.
The EternalBlue exploit takes advantage of a vulnerability
in Microsoft Windows machines to infiltrate target computers. The software was
stolen from the NSA and leaked by hackers in 2017, and since then has been used
in a wide variety of cybercrinimal schemes. 2017’s WannaCry attack used the
software, as did Russia’s NotPetya attack on Ukraine last year.
Now the same software is being used against U.S. citizens,
causing particular problems for local governments with machines which have been
disrupted. Many local governments do not regularly update their computers,
leaving them vulnerable to exploits. In Baltimore, hospitals, airports, ATMs,
shipping operators, and vaccine-producing factories have all been effected in
the last few weeks.
The software locks the target computer’s screen, then shows
a message demanding a payment of around $100,000 in Bitcoin for the target to
regain access to their files. “We’ve watching you for days,” the message says,
according to The Baltimore Sun. “We won’t talk more, all we know is MONEY!
Hurry up!”
The NSA has never acknowledged the theft of the software or
its responsibility for the cyberattacks conducted using it.
“The government has refused to take responsibility, or even
to answer the most basic questions,” Thomas Rid, a cybersecurity expert at
Johns Hopkins University, said to the Times. “Congressional oversight appears
to be failing. The American people deserve an answer.”
EternalBlue may have been developed with good intentions to
protect national security, but this event shows the problems with law
enforcement or intelligence agencies having tools which allow them access to
computers and phones. When such a tool is leaked, it can no longer be
controlled.

Leave a Reply

Your email address will not be published. Required fields are marked *