X

The Tool Used to Hack US Cities? Guess Who Made It

The NSA designed a tool that's now used by America's enemies
By Neal Colgrass,  Newser Staff
Posted May 25, 2019 12:10 PM CDT
This Thursday, June 6, 2013 file photo shows the National Security Administration (NSA) campus in Fort Meade, Md.   (AP Photo/Patrick Semansky)
camera-icon View 1 more image

(Newser) – An online hacking tool developed by the NSA is being used to cripple American cities and extort millions of dollars from government coffers, the New York Times reports. Called EternalBlue, the tool was stolen in 2016 and dropped online the year after, enabling rogue actors and foreign intelligence agencies to use it against hospitals, airports, factories, ATMs, and other targets. Now the victims are US cities including Baltimore, San Antonio, and Allentown, Pa. And the perpetrators aren't messing around: "We've been watching you for days," said a message that popped up on Baltimore city workers' screens in early May, demanding roughly $100,000 in Bitcoin to unlock their files, per the Baltimore Sun. "We won't talk more, all we know is MONEY! Hurry up!"

NSA workers apparently found a flaw in Microsoft's software but didn't tell Microsoft while the agency used EternalBlue for counter-terror and intelligence-gathering. Only when Shadow Brokers leaked the tool did the NSA inform Microsoft, which put out a patch—yet hundreds of thousands of computers remain unprotected around the world. Not all the damage is known, but Allentown had to pay about $1 million and Baltimore, which refuses to pay, is trying to restore services with workarounds. Meanwhile, officials are disputing who's to blame and what's to be done. "Congressional oversight appears to be failing," says a cybersecurity expert. "The American people deserve an answer." (See what happened when hackers hit Atlanta.)

My Take on This Story
Show results  |  
17%
6%
16%
4%
42%
16%