{"id":3992,"date":"2019-05-31T14:01:48","date_gmt":"2019-05-31T12:01:48","guid":{"rendered":"https:\/\/www.retarus.com\/blog\/fr\/nsa-tool-cripples-us-local-authorities"},"modified":"2024-05-07T19:40:18","modified_gmt":"2024-05-07T17:40:18","slug":"nsa-tool-cripples-us-local-authorities","status":"publish","type":"post","link":"https:\/\/www.retarus.com\/blog\/fr\/nsa-tool-cripples-us-local-authorities\/","title":{"rendered":"NSA Tool Cripples US Local Authorities"},"content":{"rendered":"
For three weeks now, the computers at Baltimore\u2019s city administration have been held as virtual hostages. They have been infected with ransomware that relies on the \u201cEternalBlue\u201d malware developed by US military intelligence service the NSA. <\/p>
The extortionists are demanding a ransom of 13 bitcoins, which converts into roughly 100,000 dollars and which Baltimore is unwilling to pay. Consequently, numerous public services are currently not being provided as usual. And Baltimore is not alone. A recent article published in the New York Times<\/a> last weekend reports that Allentown, Pennsylvania, and the Texan city San Antonio are among other cities that have already come under attack by means of EternalBlue.<\/p> In local governments, networks have grown organically, meaning that they tend to become tangled, while software is also often out of date. As a result, hacking weaponry such as the NSA tools dumped on the web in 2017 by the Shadow Brokers (a group whose members remain totally anonymous) makes it more than easy to infect targets \u2013 despite the fact that patches have long since been made available by software producers like Microsoft to cover the exploited vulnerabilities. <\/p> \u201cIt\u2019s incredible that a tool which was used by intelligence services is now publicly available and so widely used,\u201d complained Vikram Thakur, Director of Security Response at Symantec. Matthew Leibert – CIO at the city of Allentown, which was hit hard in February last year – described the malware used to attack his computers as \u201ccommodity malware\u201d, bought on the dark web by cybercriminals who often don\u2019t have a specific target in mind. \u201cThere are warehouses of kids overseas firing off phishing emails,\u201d Mr. Leibert said, comparing the situation with criminals shooting military-grade weapons at random targets.<\/p> Although EternalBlue does not spread itself by way of email (rather via an outdated version of the SMB net protocol), phishing emails often enough serve as gateways for this and other similar malware to infect systems. That\u2019s why these days it\u2019s absolutely crucial to safeguard your email infrastructure as securely as possible \u2013 for instance using Retarus Email Security<\/a> including ATP and our patented Postdelivery Protection<\/a>. Of course, one always needs to make sure that all software remains totally up to date by installing patches as soon as they have been released and last, but not least, sensitizing users about handling their electronic mail with awareness and good sense<\/a>. <\/p> Update from June 5, 2019: The Baltimore blackmailer has announced via a Twitter account (which has since been suspended) that he did not use EternalBlue, <\/em>according to \u00ab\u00a0Ars Technica\u00a0\u00bb<\/em><\/a>. The allegation cannot be verified at this stage.<\/em><\/p> ","protected":false},"excerpt":{"rendered":" For three weeks now, the computers at Baltimore\u2019s city administration have been held as virtual hostages. They have been infected with ransomware that relies on the \u201cEternalBlue\u201d malware developed by […]<\/p>\n","protected":false},"author":14,"featured_media":3991,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[8,15],"tags":[102],"dipi_cpt_category":[],"class_list":["post-3992","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security","tag-email-security"],"acf":[],"yoast_head":"\n