Latest in Gear

Image credit: REUTERS/Stephanie Keith

Ransomware attacks in US cities are using a stolen NSA tool

The consequences of NSA code leaks are hitting home.
1038 Shares
Share
Tweet
Share
Save

Sponsored Links

REUTERS/Stephanie Keith

The ransomware attacks in Baltimore and other US cities appear to have a common thread: they're using NSA tools on the agency's home soil. In-the-know security experts talking to the New York Times said the malware in the cyberattacks is using the NSA's stolen EternalBlue as a "key component," much like WannaCry and NotPetya. While the full list of affected cities isn't available, San Antonio and the Pennsylvania city of Allentown have reportedly been victims of EternalBlue-based campaigns.

Microsoft has issued fixes for affected Windows version after the NSA disclosed the long-secret vulnerabilities. However, these attacks frequently succeed due to fragmented local governments that tend to be cautious about upgrades. In addition to using a mishmash of software and configurations that complicates updates, cities may be hesitant to patch or upgrade their software due to compatibility concerns and tight budgets.

And unfortunately, the NSA isn't likely to help. While it helped Microsoft patch the security hole after EternalBlue became public in 2017, it has so far turned down discussion of the flaw and hasn't even acknowledged that the code loss took place. The NSA and FBI have declined to comment on the new revelations.

Whatever its involvement, incidents like Baltimore's highlight a problem with the NSA and other intelligence agencies hoarding exploits. The practice only works so long as officials have total control over vulnerabilities and the matching hacking tools. If data for either gets out, they effectively give criminals and foreign spies an advantage over an unprepared public. And when these exploits seldom discriminate between countries, they can cause plenty of damage at home.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
1038 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's 2019 Back-to-School Guide

Engadget's 2019 Back-to-School Guide

View
Tesla suspension update helps Model S and Model X high-speed driving

Tesla suspension update helps Model S and Model X high-speed driving

View
Singapore forgoes Tesla's electric 'lifestyle' for buses

Singapore forgoes Tesla's electric 'lifestyle' for buses

View
Chicago will test Samsung's DeX in-vehicle solution in cop cars

Chicago will test Samsung's DeX in-vehicle solution in cop cars

View
Apple warns against storing its titanium credit card in leather

Apple warns against storing its titanium credit card in leather

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr