Civic News

NYT: Tool used in cyber attack on City of Baltimore was developed at Maryland-based NSA

Called EternalBlue, the tool has been used in multiple attacks against towns and cities. It was released online in 2017, the Times reports.

NSA headquarters at Fort Meade. (Photo via Wikimedia Commons)

As many city government IT systems in Baltimore continue to be inaccessible following a cyber attack, a weekend report from the New York Times brought a new revelation that the malware used in the attack was developed close to home.

A “key component” of the malware was a tool that was stolen from the National Security Agency, the New York Times’ Nicole Perlroth and Scott Shane reported, citing security experts briefed on the case.

“The tool exploits a vulnerability in unpatched software that allows hackers to spread their malware faster and farther than they otherwise could,” states the report, which led Sunday’s paper.

Called EternalBlue, the cyberweapon was initially used for intelligence purposes. But it was released online in 2017 by a group called the Shadow Brokers, and has since been used as part of attacks in numerous attacks against towns and cities. That includes Baltimore, which is located just up the Baltimore-Washington Parkway from Fort Meade, where NSA is headquartered.

The tool was also used in the widespread WannaCry attack in 2017, among others. NSA hasn’t acknowledged the loss of the tool.

Microsoft released a patch in 2017, but Baltimore is among municipalities where attackers found a “sweet spot … where public employees oversee tangled networks that often use out-of-date software,” the Times reported.

On Tuesday, The Washington Post’s Cybersecurity 202 newsletter noted the debate playing out in the cybersecurity community about whether blame lies with the NSA or organizations that allow systems to go unpatched.

Following the report on Saturday, City Council President Brandon Scott called on Gov. Larry Hogan to seek a federal emergency and disaster declaration from the federal government for the Baltimore attack. This would allow for reimbursement of damages, costs and infrastructure repairs.

“Given the new information and circumstances it’s even more clear that the federal government needs to have a larger role in supporting the City’s recovery, including federal reimbursement for damages,” Scott said in a statement.

“I’m confident that our state leadership will do what is right for Maryland’s largest city and citizens that have been attacked, likely by foreign actors, through no fault of their own,” Scott said. “The fact that the root technology that enabled this attack came from our own federal government, just miles away, only adds insult to injury.”

Companies: City of Baltimore

Before you go...

Please consider supporting Technical.ly to keep our independent journalism strong. Unlike most business-focused media outlets, we don’t have a paywall. Instead, we count on your personal and organizational support.

Our services Preferred partners The journalism fund
Engagement

Join our growing Slack community

Join 5,000 tech professionals and entrepreneurs in our community Slack today!

Trending

The person charged in the UnitedHealthcare CEO shooting had a ton of tech connections

From rejection to innovation: How I built a tool to beat AI hiring algorithms at their own game

Where are the country’s most vibrant tech and startup communities?

The looming TikTok ban doesn’t strike financial fear into the hearts of creators — it’s community they’re worried about

Technically Media