Latest in Gear

Image credit:

Ransomware attacks in US cities are using a stolen NSA tool

The consequences of NSA code leaks are hitting home.
Jon Fingas, @jonfingas
May 25, 2019
6 Shares
Share
Tweet
Share

Sponsored Links

REUTERS/Stephanie Keith

The ransomware attacks in Baltimore and other US cities appear to have a common thread: they're using NSA tools on the agency's home soil. In-the-know security experts talking to the New York Times said the malware in the cyberattacks is using the NSA's stolen EternalBlue as a "key component," much like WannaCry and NotPetya. While the full list of affected cities isn't available, San Antonio and the Pennsylvania city of Allentown have reportedly been victims of EternalBlue-based campaigns.

Microsoft has issued fixes for affected Windows version after the NSA disclosed the long-secret vulnerabilities. However, these attacks frequently succeed due to fragmented local governments that tend to be cautious about upgrades. In addition to using a mishmash of software and configurations that complicates updates, cities may be hesitant to patch or upgrade their software due to compatibility concerns and tight budgets.

And unfortunately, the NSA isn't likely to help. While it helped Microsoft patch the security hole after EternalBlue became public in 2017, it has so far turned down discussion of the flaw and hasn't even acknowledged that the code loss took place. The NSA and FBI have declined to comment on the new revelations.

Whatever its involvement, incidents like Baltimore's highlight a problem with the NSA and other intelligence agencies hoarding exploits. The practice only works so long as officials have total control over vulnerabilities and the matching hacking tools. If data for either gets out, they effectively give criminals and foreign spies an advantage over an unprepared public. And when these exploits seldom discriminate between countries, they can cause plenty of damage at home.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
6 Shares
Share
Tweet
Share

Popular on Engadget

Put Bernie Sanders almost anywhere with this Google Street View app

Put Bernie Sanders almost anywhere with this Google Street View app

View
The first big 'Cyberpunk 2077' patch has arrived

The first big 'Cyberpunk 2077' patch has arrived

View
The Morning After: The Galaxy S21 reviews are in

The Morning After: The Galaxy S21 reviews are in

View
NBC is shutting down its sports cable channel as the bundle contracts

NBC is shutting down its sports cable channel as the bundle contracts

View
President Biden appoints 'world-class' cybersecurity team in wake of hacks

President Biden appoints 'world-class' cybersecurity team in wake of hacks

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr