Already in 2017, the National Security Agency (NSA) lost control of one of its hacking tools called EternalBlue. Since the hacking tool gained a foothold in the world, it has been picked up by hackers in North Korea, Russia and China, among others. The tool is said to have caused damages worth billions of euros worldwide. Unfortunately, the hacking tool has now also been used in US cities and states.
Over the past three weeks, the city of Baltimore has been fighting a cyber attack by digital blackmailers, which has resulted in thousands of computers being frozen, email services broken, and real estate sales being disrupted , Health warnings and more. Baltimore City computer systems have been frozen and officials have refused to pay the $ 100,000 ransom. Security experts say the attack in Baltimore is not the only one run by hackers using NSA's EternalBlue.
The New York Times reports that the cyberattacks that have taken place around the marina have not been linked to the lost by the NSA EnterlaBlue tool because the agency has refused to use the lost tool to speak. The group called the Shadowbrokers who had leaked the tool to be identified.
EthernalBlue targets local governments in the US where digital infrastructure is aging and fewer resources are available to protect systems. EthernalBlue was reportedly one of the most useful exploits in the NSA cyber arsenal. Former NSA operators told NYT on condition of anonymity that analysts needed almost a year to find a bug in Microsoft software and write code to specifically fix that bug.
The exploit they created originally called EnternalBluescreen because it often crashed computers and pointed targets that something was wrong. It has been perfected into a reliable tool that was reportedly used in several missions. EternalBlue was such a valuable tool that the NSA never told Microsoft that there were security holes in their software, and kept the tool for five years before it was lost in the wild and the agency had to inform Microsoft.
North Korea used the lost NSA tool for WannaCry in 2017 and was the first to co-opt. Russia later used the tool in an attack called NotPetya, which cost FedEx and Merck Pharmaceuticals more than $ 1 billion, even though they did not specifically target them. When the Shadow Brokers started backing up the NSA tools online, the agency informed Microsoft about the bug. The problem is that hundreds of thousands of computers around the world are left unprotected. In March, the NSA released the Ghidra tool, a cyber security reverse engineering toolkit. Many are skeptical of the software and fear it is another NSA tool to gain access to computer systems around the world.