When hackers knocked out the city of Baltimore with a ransomware attack last month, the focus was not on the flight itself, but on a ransom of 76,000 bitcoins.
The NSA passes the ransomware
According to a recent New York Times report, the use of a cyber-weapon stolen by the National Security Agency (NSA) has facilitated the attack of a ransomware in Baltimore, Maryland in may.
In a previously published article, the Times reported that the cyber-weapon "EternalBlue" had been discovered by four analysts to investigate the attack and repair the city's network.
The weapon may have been stolen and redistributed by a group called Shadow Brokers in 2017, but the NSA declined to comment on the existence or existence of the cyber-weapon.
EternalBlue 2017 has been used in attacks by North Korea and Russia. This tool has caused damage worth billions of dollars to various governments and businesses.
Maryland Congressman, Dutchman Ruppersberger, also told the media that he had been briefed by "senior leaders" of the NSA. According to Ruppersberger, the NSA said "that there is no evidence yet." argue that EternalBlue played a role in the Baltimore City ransomware attack. "
BTC payment declined
EternalBlue could have been used to perform a search on the Baltimore computer, and a separate software called "Web Shell" could have helped. The pirates claimed a ransom of $ 76,000 in Bitcoin, but Major Bernard C. Young refused to pay. While this may have been a wise decision, the city now estimates that the cost of the ransomware attack is more than $ 18 million in lost sales and recovery costs.
According to investigators, a popular hacking technique called "pass-the-hash" has helped spread ransomware – and lately, EternalBlue has served as an instrument to attack local and municipal governments in the United States. These locations tend to use older devices that lack important software updates, according to the theory.
In 2017, Microsoft released a Windows update that allegedly protected the Baltimore computers against EternalBlue – but it appears that the update was not installed.
Bitcoin should be responsible again
Curiously, Bitcoins are often scapegoats and are accused of ransomware and other attacks. A report published in April concluded that BTC accounted for 98% of all payments related to ransomware encryption, with private parts such as Monero accounting for a relatively small proportion.
However, in this case, the real culprit is certainly the aging technology infrastructure of the United States and the lack of adequate cybersecurity training for local government employees.
Proof of text: bitcoinist