NYT: Tool used in cyber attack on City of Baltimore was developed at Maryland-based NSA - Technical.ly Baltimore


May 28, 2019 10:51 am

NYT: Tool used in cyber attack on City of Baltimore was developed at Maryland-based NSA

Called EternalBlue, the tool has been used in multiple attacks against towns and cities. It was released online in 2017, the Times reports.

NSA headquarters at Fort Meade.

(Photo via Wikimedia Commons)

As many city government IT systems in Baltimore continue to be inaccessible following a cyber attack, a weekend report from the New York Times brought a new revelation that the malware used in the attack was developed close to home.

A “key component” of the malware was a tool that was stolen from the National Security Agency, the New York Times’ Nicole Perlroth and Scott Shane reported, citing security experts briefed on the case.

“The tool exploits a vulnerability in unpatched software that allows hackers to spread their malware faster and farther than they otherwise could,” states the report, which led Sunday’s paper.

Called EternalBlue, the cyberweapon was initially used for intelligence purposes. But it was released online in 2017 by a group called the Shadow Brokers, and has since been used as part of attacks in numerous attacks against towns and cities. That includes Baltimore, which is located just up the Baltimore-Washington Parkway from Fort Meade, where NSA is headquartered.

The tool was also used in the widespread WannaCry attack in 2017, among others. NSA hasn’t acknowledged the loss of the tool.

Microsoft released a patch in 2017, but Baltimore is among municipalities where attackers found a “sweet spot … where public employees oversee tangled networks that often use out-of-date software,” the Times reported.


On Tuesday, The Washington Post’s Cybersecurity 202 newsletter noted the debate playing out in the cybersecurity community about whether blame lies with the NSA or organizations that allow systems to go unpatched.

Following the report on Saturday, City Council President Brandon Scott called on Gov. Larry Hogan to seek a federal emergency and disaster declaration from the federal government for the Baltimore attack. This would allow for reimbursement of damages, costs and infrastructure repairs.

“Given the new information and circumstances it’s even more clear that the federal government needs to have a larger role in supporting the City’s recovery, including federal reimbursement for damages,” Scott said in a statement.

“I’m confident that our state leadership will do what is right for Maryland’s largest city and citizens that have been attacked, likely by foreign actors, through no fault of their own,” Scott said. “The fact that the root technology that enabled this attack came from our own federal government, just miles away, only adds insult to injury.”

Companies: City of Baltimore
Already a member? Sign in here
Connect with companies from the Technical.ly community
New call-to-action


Two tech tenants sign on for space at Columbia’s Merriweather District

Baltimore Police Department launches digital marketing campaign to recruit officers

Gov. Hogan creates CISO position for State of Maryland



How law firm Nemphos Braue is guiding startups along the new business learning curve

Baltimore, MD 21201

14 West

Junior Database Administrator

Apply Now
Baltimore, MD


Account Executive (Baltimore)

Apply Now


Vice President of Business Development

Apply Now

Here’s a look at Baltimore’s proposed rules and regulations for e-scooters, e-bikes

Congressman: ‘No evidence’ that NSA cyberweapon was used in Baltimore

Protecting passwords: Relatively simple solutions for a big cybersecurity risk



Building a data acquisition system? Don’t make this mistake


emocha Mobile Health

Software Engineer

Apply Now

RackTop Systems

API Guru

Apply Now


Front End Developer

Apply Now

Sign-up for daily news updates from Technical.ly Baltimore

Do NOT follow this link or you will be banned from the site!