Baltimore Hacked by NSA Cyber-weapon

May 27, 2019

On the morning of May 7, thousands of Baltimore City Government computer systems were widely disabled in a cyber-attack. Within a few hours one computer screen after another froze up and displayed the computer hackers’ ransom demand. They wanted 3 Bitcoins (about $17,600 right now) to free up each computer network, or 13 Bitcoins for freeing up all the city’s systems—about $100,000 in all.

The hackers’ message read: “We’ve watching you for days and we’ve worked on your systems to gain full access to your company and bypass all of your protections.” The note said if the ransom wasn’t paid in four days, the price would go up. After ten days, the city wouldn’t be able to get any of its data back. The note warned against contacting the FBI, and that attempts to use anti-virus software to stop or roll back the computer virus would cause damage to the data. “Don’t ask for more times or somethings like that.... We won’t talk more, all we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!”

As a result of this attack, most city services shut down: No emails, no real estate sales transactions, no payments of water bills, parking or traffic tickets, no online communication about impounded cars, no health alerts, etc.

On May 25, with most city computers still down, the news media reported that secret informants had told them the malware used to attack the computers was originally developed by NSA (the National Security Administration) as a weapon it calls EternalBlue that it uses against targets in foreign countries. It exploits a weakness in Microsoft Windows operating systems to rapidly spread viruses in hacked computers.

But in 2017, an unidentified group of hackers calling themselves the “Shadow Brokers” dumped the EternalBlue cyber-weapon code online where it has since been used by state-sponsored attackers in North Korea, Russia and China. It was picked up by private hackers since then and is being widely used to extort ransom payments all over the world, now particularly from cities in the U.S., including Allentown, Pennsylvania; San Antonio, Texas; and Atlanta, Georgia. This is because many municipal computers use older Microsoft operating systems that have not been properly updated with a patch that protects them from EternalBlue and other malware. And Microsoft has not explained the importance of this patch because this would have required the company to reveal the sordid history of this particular malware.

So EternalBlue has caused billions of dollars of damage to hundreds of computer systems. Using Atlanta as a guide, one computer security expert says that it will probably cost Baltimore hundreds of thousands of dollars and take at least six months to get most of its systems back up and running.

This is far from the first time in history that a weapon developed by the U.S. or some other imperialist government has ended up being used against the country that developed it—just look at the use of chemical weapons today, for example.

But the almost universal use of similar computer systems throughout the world has now created incredibly costly threats that are being carried out for both military and criminal objectives in times of both peace and war.