Ransomware Attack Origins Spawn from NSA’s EternalBlue But Bitcoin Takes Brunt of the Blame
- Ransomware attacks continue to affect users, including Baltimore City
- Apparently, the ransomware attack was effective since attackers used NSA’s cyberweapons
A few weeks ago we wrote how the city of Baltimore was affected by a ransomware attack in which attackers requested around $76,000 in Bitcoin (BTC). Several computers and systems were affected by this attack but the city preferred not to pay the ransom.
Ransomware Attacks Become Stronger
The New York Times released a report in which they informed that there was a ransomware attack in Baltimore, Maryland, which used technology and methods used by the National Security Agency (NSA). The cyberweapon used by the attackers is called EternalBlue and was discovered by the contractors hired to investigate the attack.
Apparently, this weapon was stolen back in 2017 by a group of stealers called Shadow Brokers. Nonetheless, the NSA refused to comment on the matter. Attackers from North Korea and Russia have been leveraging the capacity of this weapon and cause several billions of dollars of damage.
According to the Maryland Congressman Dutch Ruppersberger, senior leaders from the NSA said there was no evidence that EthernalBlue played a key role in the last ransomware attack experienced by Baltimore City.
At the moment, the investigators that are working on the attack to understand what happened requested to remain anonymous, since they need to understand how the attack was processed. Apparently, hackers could have breached an open server in Baltimore’s network and install a back door. The EthernalBlue software could have been used to travel through Baltimore’s computers and a separate software tool called “Web Shell” could have also been deployed.
In general, mainstream media tends to attack Bitcoin rather than the lack of security that the NSA had. In general, there is no knowledge about Bitcoin and this can be seen in the different reports made about it.