A cyberweapon called EternalBlue, developed by the USA’s own National Security Agency (NSA) has been compromised by hackers calling themselves the Shadow Brokers and has since been picked up by hackers in Russia, China and North Korea causing global destruction. The system was leaked in 2017 and has begun an attack on its own soil with the latest happening on May 7th in Baltimore.
EternalBlue was originally used by the NSA for counterterrorism and intelligence gathering but is now being used by hackers to target American cities with vulnerable, out of date equipment as well as airports, hospitals and rail shipping. It has disrupted water bills, public health alerts, real estate sales and email. US cities from Dallas to New York have had their systems crippled. Cybersecurity expert Thomas Rid is calling the Shadow Brokers incident ‘the most destructive and costly N.S.A breach in history’.
The latest breach in Baltimore had city employees’ computers lock and display a message demanding $100,000 in Bitcoin to reverse the malware. City officials refuse to pay. They have managed some workarounds to restore some services. Without the use of the EternalBlue cyberweapon, the damage would not have been so widespread. It allowed malware to be spread quicker and farther than they could have otherwise.
In 2017, North Korea used this cyberweapon to attack the British healthcare system and 200,000 other organizations around the world. Russia then attacked the Ukraine and major businesses across the country, which cost FedEx $400 million dollars. They also hacked hotel Wi-Fi networks to spread malware.
These attacks threaten everyone and in an attempt to prevent them, Microsoft, as well as Facebook and Google, have joined 50 other countries by calling for a “Digital Geneva Convention” which would govern cyberspace and where governments would warn vendors of vulnerabilities in their system instead of keeping them a secret to exploit for espionage.
Of the 50 countries who signed the pledge, the main cyberactors that were missing were Russia, North Korea, China, Iran, Israel and the United States of America.
If you want to learn more about protecting your organization against cyberattacks, contact BSC Solutions Group today.