An NSA'S Tool Was Used In Baltimore Ransomware Attack

Maya Bhagat


It is believed that in the Baltimore attack, hackers have used EternalBlue, a tool developed by the NSA, the US’ National Security Agency

Suffering a severe ransomware attack, the city of Baltimore’s authorities had to partially shut down the web to ensure safety. According to some reports, the tool cybercriminals used was originated from the US’ National Security Agency (NSA). They took advantage of this tool to attack the official and individual computer systems.

EternalBlue - NSA's tool

In the case, cybercriminals attacked the computer network of the city workers and left a message to blackmail them. The hacker wanted an amount of $100,000 in Bitcoin to unlock computer screens which were previously locked by them.

It is said that many organizations and governments have been attacked by the tool of NSA. The New York Times reported that it is EternalBlue, the tool in question, that took part in a lot of high-profile cyberattacks. Some old versions of Microsoft’s Windows like Vista and XP are easy targets attacks as this tool can exploit their vulnerabilities. In the year of 2017, Shadow Hunters – a group of hackers stole and released EternalBlue to the Internet.

After that event, more and more ransomware attacks were launched with the support of EternalBlue. It is also the case of WannaCry ransomware, which is considered the largest cyberattack so far. According to a report of Quick Heal Technologies in September 2018, there was a sharp increase in the exploitation of EternalBlue globally.

This NSA’s tool also was used in NotPetya attack when Russian hackers targeted Denmark’s A.P. Moller-Maersk A/S and other companies. Millions of dollars were lost due to the attack, claimed The White House. It is said that cryptocurrencies were targeted too.

There was a sharp increase in the exploitation of EternalBlue globally

NSA’s Secret Weapon

The New York Times said that EternalBlue was considered as a reliable tool of NSA for counter-terrorism and intelligence-gathering tasks. The US agency valued the codes of EternalBlue so much that Microsoft did not receive any warning about the attack.

Older Window Versions

A patch had been released to control the EternalBlue attack. However, its effect is not quite satisfactory after the ransomware attack in Baltimore. The Windows ecosystem’s fragmentation is considered as the leading cause.

Microsoft’s Windows 10 is one of the best PC operating systems in the world. Nonetheless, EternalBlue still has the chance to carry out attacks as many people still use older versions of Windows. Although Windows 7 has not been supported by Microsoft, it still has a large number of users all over the world. Using older versions without Microsoft’s support can translate to a higher risk of falling victim of a cyber attack.

Next Story