Not too many people should be surprised to learn the EternalBlue hacking exploit is still making the rounds. After becoming a successful tool to deliver WannaCry and NotPetya ransomware, it now seems the exploit is being used to target major cities’ infrastructure. Criminals are having a field day with this exploit. Considering how it was initially developed by the NSA, one could go as far as claiming how justice is being served.
Over the past few years, the stolen NSA hacking tools have made quite an impact. While most people will know this exploit for its involvement in ransomware delivery, the NSA’s favorite tool is capable of wreaking a lot more havoc. More specifically, it seems the same tool is now being used to successfully cripple American cities and their IT infrastructure. Not the development people had hoped for, but it is evident this trend will not go away automatically either.
Ever since the Shadow Brokers offered EternalBlue to everyone with an internet connection, the tool has become a lot more popular. Regardless of how one might feel about the NSA developing powerful hacking tools, it appears the agency has checked a lot of the right boxes regarding this particular exploit. So much even that criminals continue to find new use cases to put the technology to good use.
The first major incident – in this regard – linked to EternalBlue comes in the form of what happened in Baltimore. Not only has the city’s IT infrastructure struggled since a ransomware attack three weeks ago, but it also seems getting the systems up and running again is a monumental task. Several of the city’s services have been disrupted in the process, which is only to be expected from such a targeted attack.
Whereas the Baltimore story has made a fair few headlines, it is not the only US city struggling at this time. Very similar attacks are targeting vulnerable American cities ranging anywhere from Pennsylvania to Texas. Rest assured this is only the first wave of attacks involving the NSA’s home-grown hacking tool. It seems very likely more and more cities will be targeted in the US, as well as in other countries around the world.
As terrible as these attacks may be, one also has to admit it was a matter of time until something like this happened. Surveillance critics and privacy advocates have never been too amused by the tools developed by the NSA, either officially or unofficially. As such, it now seems their own creation has come to cause a lot of havoc in the agency’s own backyard. Karma is a very interesting concept, albeit these attacks will need to be nipped in the bud sooner rather than later.
Any tool designed to create or exploit backdoors in a computer system will find its way to the black market sooner or later. While not everyone can steal tools from the NSA by any means, one has to keep in mind there are a lot of crafty developers among cybercriminals as well. Some even build tools just to sell them and rake in profits along the way. EternalBlue is the current proverbial flavor of the month, but there will be other variants for many years to come.