A computer screen inside the Threat Operations Center at NSA headquarters in Fort Meade, Maryland, in the Baltimore metro area.
Brooks Kraft/Getty Images
A hacking tool developed by the US National Security Agency is now being used to shut down American cities and towns, says a Saturday report in The New York Times.
Code-named EternalBlue, the hacking exploit involves malicious software and was leaked in 2017 by a group called Shadow Brokers. Hackers used the tool that same year in the worldwide WannaCry ransomware attacks, which locked up computer systems at hospitals, banks and phone companies and required a ransom to set the networks free. It was also used in the 2017 NotPetya assault against Ukraine, which has been called one of the most destructive cyberattacks ever.
Now, though, EternalBlue has reportedly landed in the NSA’s own backyard: Baltimore, site of the agency’s headquarters. The city has been hobbled since a ransomware attack on May 7 ensnared the local government’s computers, disrupting city services. Baltimore’s IT department is only slowly getting systems up and running again.
“It is not just in Baltimore,” says the Times report. “Security experts say EternalBlue attacks have reached a high, and cybercriminals are zeroing in on vulnerable American towns and cities, from Pennsylvania to Texas, paralyzing local governments and driving up costs.”
The news might prompt some surveillance critics and privacy advocates to say, “I told you so.”
For years, law enforcement and intelligence agencies have argued that backdoors should be built into encryption systems to allow the agencies to access suspects’ computers. And the NSA has often developed its own tools for cracking into machines and networks to gather data. But critics have long argued that any such backdoors would inevitably be discovered by hackers and that efforts by spy agencies could spin out of control.
Referring to EternalBlue, Vikram Thakur, Symantec’s director of security response, told the Times that “it’s incredible that a tool which was used by intelligence services is now publicly available and so widely used.” And unnamed officials told the paper that more accountability was needed at the NSA, with one comparing the EternalBlue leak to failing to secure a warehouse of automatic weapons.
Agency advocates, though, say such tools are needed to fight crime and terrorism, and that they’re the inevitable cost of being prepared for cyberwarfare and ensuring national security.
When asked by CNET about the Times report, the NSA declined to comment.
