NYT: Tool used in cyber attack on City of Baltimore was developed at Maryland-based NSA - Technical.ly Baltimore

Civic

May 28, 2019 10:51 am

NYT: Tool used in cyber attack on City of Baltimore was developed at Maryland-based NSA

Called EternalBlue, the tool has been used in multiple attacks against towns and cities. It was released online in 2017, the Times reports.
NSA headquarters at Fort Meade.

NSA headquarters at Fort Meade.

(Photo via Wikimedia Commons)

As many city government IT systems in Baltimore continue to be inaccessible following a cyber attack, a weekend report from the New York Times brought a new revelation that the malware used in the attack was developed close to home.

A “key component” of the malware was a tool that was stolen from the National Security Agency, the New York Times’ Nicole Perlroth and Scott Shane reported, citing security experts briefed on the case.

“The tool exploits a vulnerability in unpatched software that allows hackers to spread their malware faster and farther than they otherwise could,” states the report, which led Sunday’s paper.

Called EternalBlue, the cyberweapon was initially used for intelligence purposes. But it was released online in 2017 by a group called the Shadow Brokers, and has since been used as part of attacks in numerous attacks against towns and cities. That includes Baltimore, which is located just up the Baltimore-Washington Parkway from Fort Meade, where NSA is headquartered.

The tool was also used in the widespread WannaCry attack in 2017, among others. NSA hasn’t acknowledged the loss of the tool.

Microsoft released a patch in 2017, but Baltimore is among municipalities where attackers found a “sweet spot … where public employees oversee tangled networks that often use out-of-date software,” the Times reported.

Advertisement

On Tuesday, The Washington Post’s Cybersecurity 202 newsletter noted the debate playing out in the cybersecurity community about whether blame lies with the NSA or organizations that allow systems to go unpatched.

Following the report on Saturday, City Council President Brandon Scott called on Gov. Larry Hogan to seek a federal emergency and disaster declaration from the federal government for the Baltimore attack. This would allow for reimbursement of damages, costs and infrastructure repairs.

“Given the new information and circumstances it’s even more clear that the federal government needs to have a larger role in supporting the City’s recovery, including federal reimbursement for damages,” Scott said in a statement.

“I’m confident that our state leadership will do what is right for Maryland’s largest city and citizens that have been attacked, likely by foreign actors, through no fault of their own,” Scott said. “The fact that the root technology that enabled this attack came from our own federal government, just miles away, only adds insult to injury.”

Companies: City of Baltimore
-30-
BECOME A CONTRIBUTOR TO THE JOURNALISM FUND TO COMMENT
Already a contributor? Sign in here
Connect with companies from the Technical.ly community
New call-to-action

Advertisement

These Howard County cybersecurity companies formed a biz partnership

How DreamPort is creating space for collaboration on cyber challenges

Annapolis’ SIXGEN grabbed the win at DEFCON 27’s Capture the Flag

SPONSORED

Baltimore

Why two eminent Baltimore higher-ed institutions collaborated to create this unique dual degree program

Baltimore

Protenus

DevOps Engineer

Apply Now

Philadelphia

Vistar Media

Sr. Software Engineer

Apply Now

Philadelphia

Vistar Media

Front End Engineer

Apply Now

Power Moves: Leadership changes at CAMI and Maryland Momentum Fund

UMBC and UMB are joining forces to protect and probe medical data

clean.io releases data behind malicious ads

SPONSORED

Baltimore

What Asymmetrik is doing to help lead healthcare’s digital transformation

Baltimore, MD

14 West

BI TechOps Analyst

Apply Now

Baltimore, MD

14 West

Scrum Master

Apply Now

Baltimore, MD

14 West

Lead Qlik Developer

Apply Now

Sign-up for daily news updates from Technical.ly Baltimore

Do NOT follow this link or you will be banned from the site!