The US National Security Agency NSA north facing threat from its own inventory the cyber open called Eternal Blue attacking us cities for ransom. recently the City of Baltimore was attacked by Ransomware – The mayor a of Baltimore is seeking federal aid to help pay for the cleanup from the RobbinHood malware’s damage. The May 7 ransomware attack that has paralyzed Baltimore’s city government for much of this month is a case in point.
2017 Eternal Blue Leak From NSA
In 2017 New York Times reported that eternal blue was Hijacked by rough foreign adversaries or insider what NSA denied successfully. Fifteen months into a wide-ranging investigation by the agency’s counterintelligence arm and the F.Bi officials still do not know whether the N.S.A. is the victim of a hack or an insider’s leak. In 2007 Jack Williams who was a former NSA hacking analyst was surprised by a tweet from Shadow broker mentioned him as an NSA analyst what he never shared publicly. Technical capabilities shared by the shadow broker let him to believe his work on the project call eternal blue was Hijacked by the rough entity.
What is Eternal Blue ?
EternalBlue was part of a set of tools developed for the NSA’s Tailored Access Operations (TAO) group.EternalBlue exploits a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol. The NSA did not alert Microsoft about the vulnerabilities and held on to it for more than five years before the breach forced its hand. The agency then warned Microsoft after learning about EternalBlue’s possible theft. At the end of 2018, millions of systems were still vulnerable to EternalBlue. This has led to millions of dollars in damages due primarily to ransomware worms
Investigation
Leon E. Panetta, the former defense secretary and director of the Central Intelligence Agency. said “These leaks have been incredibly damaging to our intelligence and cyber capabilities,” said “The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected.” According to Microsoft, it was the United States’s NSA that was responsible, by dint of its controversial strategy of “stockpiling of vulnerabilities”, for, at the least, preventing Microsoft from timely public patching of this, and presumably other, hidden bugs .
Ransomware :
The recent ransomware cyber attack 2018 believed to be a product of NSA cyber weapon eternal blue.2018 cyber attack cost more than 1 billion dollars around the world and damaged million computers.United Kingdom Kingdom health system was totally taken by ransomware perpetrator. There were 181.5 million ransomware attacks in the first six months of 2018.
Baltimore’s city
Baltimore – the colorful, diverse city that is Maryland’s largest city and economic hub, is known for its beautiful harbor and the world-renowned Johns Hopkins Hospital. The May 7 ransomware attack, Essential city services, from obtaining permits to closing home sales, have been unavailable. The source of the Baltimore attack isn’t known yet, but others perpetrators are known — for instance, U.S. intelligence agencies have identified North Korea as the source of some attacks.
References to Read :
2017 new York Times article about the hijack of eternal blue
Baltimore City Ransomware Attack Knocks City Services
Baltimore city government computer network hit
Baltimore city government computers were infected with ransomware Tuesday, the mayor’s office said, the second time in just over a year that hackers demanding payment disrupted the city’