As we learned after the Vault 7 dump in 2017, which detailed the many frightening cyber hacking tools used by the CIA and NSA, our intelligence community possesses the means and the motivation to spy on Americans on a staggering level.
Now, we have learned that one or more of these high tech computer hacking technologies has fallen into the hands of criminals and is being used to attack the city of Baltimore as well as other major US targets.
For just over three weeks now, the city of Baltimore has been burdened with a series of extortion attacks from computer hackers using tools stolen from the NSA. The attacks have shut down thousands of computers, disrupting businesses, shutting down people’s ability to pay their bills, intercepting health alerts, and much more.
In 2017, the NSA lost control of a critical cyberwarfare tool called EternalBlue. We are told, the program has been commandeered by North Korean, Russian, and Chinese state-funded hackers. Now, we hear about it two years later when a major city gets hit with a serious debilitating attack.
The type of attack used is a common one on today’s cyber warfare stage known as a ransomware attack. Ransomware disables a computer via a messaging system like email, giving the attacker enough communications ability with the victim to demand payment for the release of their machine and their data.
Reasonable people commenting on this type of attack agree that the best way to deal with such an attack is to refuse to pay the ransom no matter what has been lost. In the vast majority of cases, those who give in to the demands of the ransom threat are treated to more similar attacks.
One would hope that a computer expert would be able to find a way to liberate the data of those who have been attacked by ransomware hackers. However, this is not the case. Professionals who portend to have a solution available have not been entirely forthcoming. The industry standard is to take the client’s computer and to pay the ransom, and then to charge the client the ransom amount plus service fees.
Still, the problem with the NSA’s EternalBlue is that it comes with an advanced attack feature that allows it to go beyond a single recipient. The “worm” feature enables the cyber weapon to tunnel deep into a user network, allowing it to attack more than just one recipient, but many.
Now, attacks using EternalBlue have gone far beyond the Baltimore area, hitting utilities and businesses in Texas and Pennsylvania. It is crippling local governments, healthcare facilities, and utility companies.
Now, the question remains, why does the NSA have offensive extortion-based cyber weapons? Why would an agency, concerned with national security, develop and use ransomware? That is so far out of their purview that it really should be a glaring problem.
The New York Times was one of the first outlets to report on this story, and the fact that the NSA is developing offensive cyber weapons didn’t seem to ruffle any feathers over there.
The question that we can’t help but ask is: Who, exactly, would the NSA target with ransomware? Under what circumstance would the use of a black-hat attack of this kind be justified by a supposedly above-board American intelligence agency?
Even if Americans were given the opportunity to vote on the existence of an agency like the NSA, what sort of citizen would approve of their using ransomware?
Now, there’s one more question we should be asking ourselves. What are the odds that the NSA did not lose control of this cyber weapon accidentally? Would it not make sense that the NSA could not properly test the attack software if it were contained? Would they not get better information if it were “stolen?”
We know this, it has been technically legal for the U.S. military to test biological weapons on Americans for decades, and records of such tests go back to at least the 1950s. The military has released biological weapons in New York, New Orleans, and San Francisco.
What makes us so sure the NSA wouldn’t do the same thing?