The authorities of the American city of Baltimore are seeking money from the federal fund to recover from a devastating ransomware attack in which the EternalBlue exploit created by the US National Security Agency (NSA) was allegedly used.
Mayor of Baltimore, Bernard Young, said at a press conference that he had asked the federal government for financial support that would help the city remove the effects of the RobinHood blackmail attack that occurred in early May.
It was a very intelligent virus. When the NSA does something, it does it well, which is why I just hope that the agency has developed a way that will allow us all to get out of this oppression, “Young said.
According to the New York Times, Young meant EternalBlue, an NSA exploit developed years ago that was later stolen by foreign agents. The same exploit was used in the large-scale destructive attacks of WannaCry and NotPetya in 2017.
However, the AFP news agency cites a security expert saying that EternalBlue was not used in the RobinHood attack. Meanwhile, sources similar to Ars Technica have informed the agency that ransomware has spread on the network – at least in part – thanks to the code snippet excised from the EternalBlue exploit, which the ShadowBrokers hacker contributed to the leak.
Sources also say that RobinHood has gained ground due to an earlier phishing attack on a careless magistrate employee. This fact shows, perhaps for the millionth time, how important staff training in cyber security is.
The current director of information and digital technology in the Baltimore authorities, Frank Johnson, has reportedly hired Gartner Research to help develop a five-year plan to modernize the city’s IT infrastructure. However, Ars reports, the plan remains “largely unrealized.”
Decades of managing decentralized IT infrastructure and insufficient investment have led to the creation of a system that is now difficult to meet the needs of the city and raise the level of services provided to both residents and businesses, “Johnson said. What’s more, the system is outdated in many respects and does not provide the opportunities that competing cities have.
The Municipal Bureau of Information Technology in Baltimore estimates that the city will have to increase its IT spending to “within $ 128-156 million” to cope with future cyber threats. In 2018, the IT budget accounted for only 2.5% of the city’s total budget, which amounted to USD 65 million. In 2019, these funds are even lower, as they amount to only USD 31 million.
Young urges the federal government to cover part of these costs, blaming the NSA for the existence of the EternalBlue exploit.
Scan the pages you visit using this website scanner.
After the 2017 WannaCry and NotPetya attacks, Microsoft released patches to fix the vulnerabilities used by EternalBlue. However, two years after detecting the incidents, the Shodan search engine shows that the virus spreading as a worm continues to threaten millions of Internet-connected computers.