Ransomware Attack Linked to NSA Breach

John Lister's picture

The National Security Agency (NSA) is refusing to comment on claims a tool it developed has been used in a ransomware attack on the Baltimore city government. The New York Times says the attackers used a tool called "EternalBlue."

The attackers have encrypted Baltimore government systems and demanded between $76,000 and $114,440 (depending on the account) to restore access. Officials have refused to pay and used workarounds including some manual processing of files and switching to Gmail for internal communications.

It seems the attack was carried out using EternalBlue, which is designed to address a bug in Windows XP and Vista. Though that bug was quickly fixed once EternalBlue became public knowledge, some users haven't applied the update, apparently including Baltimore's officials.

Of course, one irony is that organizations still using the hugely outdated XP and Vista probably aren't exactly doing a perfect job of keeping systems up to date. (Source: bbc.co.uk)

Stolen Spy Tool Used For Attacks

EternalBlue is particularly dangerous as it allows hackers to execute code remotely on a machine, which can be used for all manner of disruptive activity from stealing data to disabling a computer. It's known to have been used for several key attacks worldwide including the WannaCry ransomware and NotPetya, a targeted attack against Ukraine's infrastructure and financial system.

While a group known as the ShadowBrokers made EternalBlue publicly available and thus enabled such attacks, many security experts believe the group didn't develop the tool.

NSA Kept Windows Bug Secret

Instead, the theory is that the group stole the tool from the National Security Agency, whose own communications were compromised.

According to the Times, the NSA spotted the bug and developed the tool around 2012, using it to gain remote access to computers of people under surveillance. It reportedly didn't warn Microsoft about the bug for five years when it discovered its own systems had been breached and the tool's existence leaked. (Source: nytimes.com)

What's Your Opinion?

If the story is true, was the NSA right to keep the Windows bug secret and use it to its own advantage? Should it bear some of the responsibility for the attackers going after the Baltimore government system? Do you have any sympathy with organizations who get hacked while running unsupported systems such as Windows XP?

Rate this article: 
Average: 5 (9 votes)

Comments

PseudoGeek's picture

NSA needs to pay Dennis to go in and fix it.

ronbh's picture

"Do you have any sympathy with organizations who get hacked while running unsupported systems such as Windows XP"

Bloody right I do. The purulent filth that hacks computers is the bane of modern existence.
Imagine how good and convenient operating systems could be if development effort and processor time wasn't being wasted on protection from these worthless oxygen thieves.

Public extermination of this vermin would go a long way towards improving life as we know it.

Jim-in-kansas's picture

Ronbh

Tell us how you really feel !!

I'm of the same opinion as you are.

A way long time ago I used to work for a sub-set of the NSA (No Such Agency).

Keep hammering away.

Cheers,
Jim
Kansas
USA

Navy vet's picture

All they had to do was upgrade their systems in a timely manner.

matt_2058's picture

No sympathy for governments as they screw the citizens every turn they get. Our Governments are setting the example.

Don't all major-player governments lie, cheat, spy and hack other countries? How can citizens not expect it to be done to them?

Jim-in-kansas's picture

I believe it was John Foster Dulles who was a Sec of State for FDR who made the famous, or infamous, quote "Gentlemen don't read other gentlemen's mail" when queried about military intelligence gathering.

The Zimmerman Letter comes to mind. Only the truly naive amongst us wants to be blindsided by another country meddling in their affairs.

Hence, "They do it to us and we do it to them" is but one way of trying to maintain our national integrity and sovereignty.

Its ugly but necessary. Always has been always will be.

Jim
Kansas