{"id":123153,"date":"2019-05-26T06:28:18","date_gmt":"2019-05-26T10:28:18","guid":{"rendered":"https:\/\/stateofthenation2012.com\/?p=123153"},"modified":"2019-05-26T07:09:28","modified_gmt":"2019-05-26T11:09:28","slug":"cybercrime-wave-unstoppable-cities-and-corporations-across-america-being-cyberattacked-into-communication-paralysis","status":"publish","type":"post","link":"https:\/\/stateofthenation2012.com\/?p=123153","title":{"rendered":"Cybercrime Wave ‘Unstoppable’ by Design: Cities and Corporations Across America Being Cyberattacked into Communication Paralysis"},"content":{"rendered":"

Who’s doing it and why?<\/strong><\/h1>\n
\"\"<\/a>

Hackers reportedly launched a cyberattack on Baltimore with a leaked NSA tool<\/p><\/div>\n

SOTN Editor’s Note:<\/a><\/strong> There’s a HUGE war going on under the radar that’s potentially as dangerous and destructive as any on the planet.<\/p>\n

Deep State<\/em> agents, foreign intelligence agencies and contracted cybercriminals both foreign and domestic are working in concert to terrorize cities and corporations across the USA.<\/p>\n

The pattern of criminal cyberattacks indicates a variety of motives which make this crime spree more difficult to solve. However, that only means that this type of cyber-warfare is being used more frequently and with greater effect.<\/p>\n

That Baltimore, Maryland has been successfully targeted for nearly 3 weeks demonstrates the high degree of proficiency of these mercenary cyber-criminals. It also shows how close to the nation’s capital the perps are willing to go. See: Here\u2019s how cyber-weaponry has literally shut down a major American city<\/a><\/p>\n

This burgeoning cybercrime wave is actually a highly complex conspiracy with multiple state actors (not Russia) that requires a dedicated expos\u00e9 which is forthcoming. In the meantime, what follows is the MSM spin from the ever-prevaricating NYT.<\/p>\n

State of the Nation<\/a>
\nMay 26, 2019<\/p>\n

\n
<\/header>\n
\n
\n
\n

In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc<\/h1>\n
\"\"<\/a>

The National Security Agency headquarters in Maryland. A leaked N.S.A. cyberweapon, EternalBlue, has caused billions of dollars in damage worldwide. A recent attack took place in Baltimore, the agency\u2019s own backyard.CreditCreditJim Lo Scalzo\/EPA, via REX, via Shutterstock<\/p><\/div>\n

By Nicole Perlroth and Scott Shane
\nThe New York Times<\/p>\n

For nearly three weeks, Baltimore has struggled with a cyberattack by digital extortionists that has frozen thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.<\/p>\n

But here is what frustrated city employees and residents do not know: A key component of the malware that cybercriminals used in the attack was developed at taxpayer expense a short drive down the Baltimore-Washington Parkway at the National Security Agency, according to security experts briefed on the case.<\/p>\n

Since 2017, when the N.S.A. lost control of the tool<\/a>, EternalBlue, it has been picked up by state hackers in North Korea, Russia and, more recently, China, to cut a path of destruction around the world, leaving billions of dollars in damage. But over the past year, the cyberweapon has boomeranged back and is now showing up in the N.S.A.\u2019s own backyard.<\/p>\n

It is not just in Baltimore. Security experts say EternalBlue attacks have reached a high<\/a>, and cybercriminals are zeroing in on vulnerable American towns and cities, from Pennsylvania to Texas, paralyzing local governments and driving up costs.<\/p>\n

The N.S.A. connection to the attacks on American cities has not been previously reported, in part because the agency has refused to discuss or even acknowledge the loss of its cyberweapon, dumped online in April 2017 by a still-unidentified group calling itself the Shadow Brokers<\/a>. Years later, the agency and the Federal Bureau of Investigation still do not know whether the Shadow Brokers are foreign spies or disgruntled insiders.<\/p>\n<\/div>\n<\/div>\n

\n
\n

Thomas Rid, a cybersecurity expert at Johns Hopkins University, called the Shadow Brokers episode \u201cthe most destructive and costly N.S.A. breach in history,\u201d more damaging than the better-known leak in 2013 from Edward Snowden, the former N.S.A. contractor.<\/p>\n

\u201cThe government has refused to take responsibility, or even to answer the most basic questions,\u201d Mr. Rid said. \u201cCongressional oversight appears to be failing. The American people deserve an answer.\u201d<\/p>\n

The N.S.A. and F.B.I. declined to comment.<\/p>\n

Since that leak, foreign intelligence agencies and rogue actors have used EternalBlue to spread malware that has paralyzed hospitals, airports, rail and shipping operators, A.T.M.s and factories that produce critical vaccines. Now the tool is hitting the United States where it is most vulnerable, in local governments with aging digital infrastructure and fewer resources to defend themselves.<\/p>\n

\"\"<\/a>On May 7, city workers in Baltimore had their computers frozen by hackers. Officials have refused to pay the $100,000 ransom.<\/span><\/h5>\n

Before it leaked, EternalBlue was one of the most useful exploits in the N.S.A.\u2019s cyberarsenal. According to three former N.S.A. operators who spoke on the condition of anonymity, analysts spent almost a year finding a flaw in Microsoft\u2019s software and writing the code to target it. Initially, they referred to it as EternalBluescreen because it often crashed computers \u2014 a risk that could tip off their targets. But it went on to become a reliable tool used in countless intelligence-gathering and counterterrorism missions.<\/p>\n<\/div>\n<\/div>\n

\n
\n

EternalBlue was so valuable, former N.S.A. employees said, that the agency never seriously considered alerting Microsoft about the vulnerabilities, and held on to it for more than five years before the breach forced its hand.<\/p>\n<\/div>\n<\/div>\n

\n
\n

The Baltimore attack<\/a>, on May 7, was a classic ransomware<\/a> assault. City workers\u2019 screens suddenly locked, and a message in flawed English demanded about $100,000 in Bitcoin to free their files: \u201cWe\u2019ve watching you for days,\u201d said the message, obtained by The Baltimore Sun<\/a>. \u201cWe won\u2019t talk more, all we know is MONEY! Hurry up!\u201d<\/p>\n

Today, Baltimore remains handicapped as city officials refuse to pay, though workarounds have restored some services. Without EternalBlue, the damage would not have been so vast, experts said. The tool exploits a vulnerability in unpatched software that allows hackers to spread their malware faster and farther than they otherwise could.<\/p>\n

North Korea was the first nation to co-opt the tool, for an attack in 2017 \u2014 called WannaCry \u2014 that paralyzed the British health care system, German railroads and some 200,000 organizations around the world. Next was Russia, which used the weapon in an attack \u2014 called NotPetya \u2014 that was aimed at Ukraine but spread across major companies doing business in the country. The assault cost FedEx more than $400 million and Merck, the pharmaceutical giant, $670 million.<\/p>\n

The damage didn\u2019t stop there. In the past year, the same Russian hackers who targeted the 2016 American presidential election used EternalBlue to compromise hotel Wi-Fi networks. Iranian hackers have used it to spread ransomware and hack airlines in the Middle East, according to researchers at the security firms Symantec and FireEye.<\/p>\n

\u201cIt\u2019s incredible that a tool which was used by intelligence services is now publicly available and so widely used,\u201d said Vikram Thakur, Symantec\u2019s director of security response.<\/p>\n<\/div>\n