The software tool, known as EternalBlue, has crippled computers in Baltimore and elsewhere.
The news: According to the New York Times, EternalBlue has been used in a “ransomware” attack that has encrypted files in computer systems used by city officials in Baltimore. The hackers have demanded around $100,000 in Bitcoin to liberate thousands of machines. Residents can no longer pay things like utility bills online.
A cyber own goal: EternalBlue was created by the US NSA to exploit a flaw in Microsoft’s operating system. The agency reportedly kept it secret for five years, but in 2017 a mysterious group called the Shadow Brokers leaked the code. Microsoft promptly issued a software fix, but Baltimore’s experience suggests it hasn’t been applied rigorously enough yet.
Answers needed: The NSA hasn’t yet commented on EternalBlue, but some politicians are calling for a full briefing about its role in the debacle.
—Martin Giles
No comments:
Post a Comment