Baltimore has been locked out of local government computers for three weeks because of a ransomware attack partly financed by taxpayers.
The Shadow Brokers is a group controlling all local Baltimore government computers, demanding $114 thousand in Bitcoin to end the freeze.
A group used the Eternalblue tool the N.S.A. created five years ago to fix a hacking problem in Microsoft Windows’s operating system. The N.S.A. never told Microsoft about the loophole until the instrument had been used in 200,000 global cyber attacks, costing billions in damages. The agency refused to comment on who leaked their code and still have no idea the identity of the hackers.
Since the leak, foreign intelligence agencies and hackers have used EternalBlue to spread malware that has paralyzed hospitals, public transportation, and A.T.M.s. Russian hackers used the tool to disrupt hotel Wi-Fi when targeting the 2016 presidential election.
Thomas Rid, a cybersecurity expert at Johns Hopkins University, called the Shadow Brokers hack “the most destructive and costly N.S.A. breach in history,” more damaging than the Edward Snowden leak in 2013.
If you’re blaming Bitcoin or hackers, you’re looking the wrong direction (cash is used more frequently in ransoms and illegal transactions).
The N.S.A. admitted they lost control of EternalBlue in 2017 ( forced to because the Shadow Brokers leaked the information online). If the N.S.A. told private companies as soon as they lost their code, company engineers could have patched systems to prevent international destruction. The private sector has always outperformed the government sector.
Government agencies that answer to no one are dangerous. Every person has an interest in how they’re spending our money, especially when it results in local government lockdowns.
Whether it’s spying on citizens or ignoring lost lethal code, government agencies must be accountable for their actions.