“The Most Destructive Breach In History”: Hackers Use NSA Code To Grind Baltimore To A Halt
by Tyler Durden
ZeroHedge.com
Mon, 05/27/2019
The United States is no longer supplying its enemies only with conventional weapons – that list now also includes cyberweapons. While Baltimore has been struggling with an aggressive cyber-attack over the last three weeks, previously profiled here , it has now been revealed that a key component of the malware used by cyber-criminals was actually developed just a short drive from Baltimore – at the NSA, according to the New York Times.
The tool used – called EternalBlue – has been used by hackers in North Korea, Russia and China to “cut a path of destruction around the world”, and resulted in billions of dollars in damages.
Now, it has come full circle and is back in the US, wreaking havoc just miles from Washington. In fact, security experts say that attacks using EternalBlue have soared and cyber-criminals are honing in on vulnerable towns and cities, using it to paralyze governments. The NSA’s connection to the attacks had previously not been reported and the NSA hasn’t commented about it since an unidentified group leaked the weapon online in April 2017.
The NSA and the FBI still don’t know whether or not it was leaked by foreign spies or US insiders.
The leak has been referred to as “the most destructive and costly N.S.A. breach in history,” by Thomas Rid, a cybersecurity expert at Johns Hopkins University. He continued: “The government has refused to take responsibility, or even to answer the most basic questions. Congressional oversight appears to be failing. The American people deserve an answer.”
An answer that we’re sure they won’t get.
Commenting on the leak in April 2017, Edward Snowden said that the “NSA just lost control of its Top Secret arsenal of digital weapons; hackers leaked it.”
NSA just lost control of its Top Secret arsenal of digital weapons; hackers leaked it.
1) https://t.co/zleVbyBtE3
2) https://t.co/aKwdiNbrJA— Edward Snowden (@Snowden) April 8, 2017
Since the April 2017 leak, foreign intelligence agencies and hackers have used the software to paralyze places like hospitals, airports, rail and shipping operators, ATMs and factories. In the United States, hackers are using the software to hit local governments with outdated infrastructure and few resources to defend themselves.
The software used to be one of the most useful exploits in the NSA’s arsenal. Former NSA analysts spent almost a year finding a flaw in Microsoft’s software and writing the code to target it. The tool was initially called “EternalBlueScreen” because it had a penchant for crashing computers. In fact, it was so valuable that the agency never even alerted Microsoft to the security flaw and instead, held onto the tool for five years before the breach in 2017 forced them to talk about it.
The May 7 Baltimore attack saw city workers’ screens suddenly lock up and a message in broken English demanding $100,000 in Bitcoin ransom. And, as Baltimore has not yet paid the ransom, the city’s computers remain handicapped. Without the former NSA tool, the damage wouldn’t of been as bad.
The Rest…HERE
