May 7th was a devastating day for Baltimore city government officials after their systems were attacked with ransomware. The attack left residents unable to pay their water bills and other government-related services. Behind this attack, the hackers have used a tool developed by the NSA called EternalBlue.
EternalBlue works by exploiting the Windows XP and Vista systems- at least certain versions of it. Once the tool is able to find a vulnerability, it next allows other third parties to control them remotely. The EternalBlue tool developed by the National Security Agency has, in fact, been used in a couple of other high-profile security incidents. Back in 2017, after a cybersecurity lapse, Microsoft had released a patch to fix the vulnerability. However, until a user applies the patch, the vulnerability isn’t closed.
It’s been noted that the US has been the latest target for ransomware and malware attacks. The Baltimore attack is proof of this. Here, city officials were demanded to pay $76,000 ransom, which was curtly denied. The officials began manually implementing the services and even set up a temporary Gmail system, which was initially shut down adding to more woes.
Cybersecurity experts advice improved security practices and better implementation of patches. These can aid in preventing more attacks, even with sophisticated tools like EternalBlue.