Baltimore has battled the effects
of a ransomware attack that started May 7 and now it seems that a familiar
culprit, the National Security Agency (NSA) EternalBlue tool, known to exploit
some versions of Microsoft Windows XP and Vista, is behind the city’s misery,
which has included a shutdown of many vital systems and services.Although Microsoft released a
patch for the vulnerability just one day after The Shadowbrokers hacking group
published it in April 2017, EternalBlue has wreaked havoc through devastating cyberattacks
such as WannaCry and NotPetya in 2017.“The government has refused to take responsibility, or even to answer the most basic questions,” the New York Times, which first reported the EternalBlue connection, quoted Johns Hopkins University cybersecurity expert Thomas Rid as saying. “Congressional oversight appears to be failing. The American people deserve an answer.”Rid said release of the tool was “the most destructive and costly
NSA breach in history.”In Baltimore’s case, the exploit was used May 7 to spread
Robbinhood ransomware, shutting down most of the city’s servers and forcing
the city council to cancel meetings. The ransom note which contained an a la
carte demand list asking for 3 bitcoins, about $17,600, to decrypt individual
systems or 13 bitcoins, about $76,000, to decrypt all the city’s systems.A week later, security firm Armor came across a tweet that may
contain information
gleaned from the Baltimore’s network.Eric
Sifford, a security researcher with Armor’s Threat Resistance Unit, found a
tweet dated May 12 containing usernames, passwords and other possibly sensitive
information that appears to be related to Baltimore. The company didn’t release
the handle of the newly created account, but it did say in a blog the name contained the word Robbinhood, the
name of the ransomware variant used in the attack.Baltimore’s city council created the Committee
on Cybersecurity and Emergency Preparedness to examine how the municipality
dealt with the attack, but didn’t offer an ETA on when full services will be
restored. The lone bright spot has been that the city’s emergency services
sector was not hit.The services affected include paying some utility bills, property
taxes, real estate transactions and the city has been unable to pay some
contractors for work completed.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



