Sign In

Communications of the ACM

ACM TechNews

In Baltimore and Beyond, Stolen NSA Tool Wreaks Havoc


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
The online tool appears to have been dumped online two years ago by hackers.

Security experts say ransomware that has frozen thousands of computers in Baltimore and crippled many city services contains a key element developed by the U.S. National Security Agency.

Credit: Brooks Kraft/Getty Images

Security experts say ransomware that has frozen thousands of computers in Baltimore and crippled many city services contains a key element developed by the U.S. National Security Agency (NSA).

The tool, called EternalBlue, was dumped online two years ago by an as-yet-unidentified hacker group, and in the ensuing years foreign intelligence agencies and state hackers have employed it to orchestrate malware infections.

Recent activity indicates local U.S. governments with superannuated digital infrastructure and few defensive measures are now prime targets.

Former NSA operators said EternalBlue was originally designed to exploit a vulnerability in unpatched Microsoft software, and used extensively for intelligence gathering and counterterrorism.

The vulnerability lets hackers spread malware faster and to a greater extent than they otherwise would, and hundreds of thousands of systems worldwide remain imperiled, despite Microsoft's release of a patch.

From The New York Times
View Full Article - May Require Paid Subscription

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found