The United States is no longer supplying its enemies only with conventional weapons – that list now also includes cyberweapons. While Baltimore has been struggling with an aggressive cyber-attack over the last three weeks, previously profiled here , it has now been revealed that a key component of the malware used by cyber-criminals was actually developed just a short drive from Baltimore – at the NSA, according to the New York Times.
The tool used – called EternalBlue – has been used by hackers in North Korea, Russia and China to “cut a path of destruction around the world”, and resulted in billions of dollars in damages.
Now, it has come full circle and is back in the US, wreaking havoc just miles from Washington. In fact, security experts say that attacks using EternalBlue have soared and cyber-criminals are honing in on vulnerable towns and cities, using it to paralyze governments. The NSA’s connection to the attacks had previously not been reported and the NSA hasn’t commented about it since an unidentified group leaked the weapon online in April 2017.
The NSA and the FBI still don’t know whether or not it was leaked by foreign spies or US insiders.
The leak has been referred to as “the most destructive and costly N.S.A. breach in history,” by Thomas Rid, a cybersecurity expert at Johns Hopkins University. He continued: “The government has refused to take responsibility, or even to answer the most basic questions. Congressional oversight appears to be failing. The American people deserve an answer.”
An answer that we’re sure they won’t get.
Commenting on the leak in April 2017, Edward Snowden said that the “NSA just lost control of its Top Secret arsenal of digital weapons; hackers leaked it.”
NSA just lost control of its Top Secret arsenal of digital weapons; hackers leaked it.
1) https://t.co/zleVbyBtE3
2) https://t.co/aKwdiNbrJA— Edward Snowden (@Snowden) April 8, 2017
Since the April 2017 leak, foreign intelligence agencies and hackers have used the software to paralyze places like hospitals, airports, rail and shipping operators, ATMs and factories. In the United States, hackers are using the software to hit local governments with outdated infrastructure and few resources to defend themselves.
The software used to be one of the most useful exploits in the NSA’s arsenal. Former NSA analysts spent almost a year finding a flaw in Microsoft’s software and writing the code to target it. The tool was initially called “EternalBlueScreen” because it had a penchant for crashing computers. In fact, it was so valuable that the agency never even alerted Microsoft to the security flaw and instead, held onto the tool for five years before the breach in 2017 forced them to talk about it.
The May 7 Baltimore attack saw city workers’ screens suddenly lock up and a message in broken English demanding $100,000 in Bitcoin ransom. And, as Baltimore has not yet paid the ransom, the city’s computers remain handicapped. Without the former NSA tool, the damage wouldn’t of been as bad.
North Korea was the first to allegedly use the tool in 2017 when they attacked the British healthcare system, German railroads and 200,000 additional organizations around the world. Then, Russia reportedly used the tool on Ukraine and companies that did business in the country. The assault cost FedEx more than $400 million and Merck $670 million. Over the past year, Russian hackers have also used it to compromise hotel Wi-Fi networks, while Iranian hackers have used it to hack airlines in the Middle East. Of course, there is no evidence that any of these actors were behind the reported hacks.
Vikram Thakur, Symantec’s director of security response said: “It’s incredible that a tool which was used by intelligence services is now publicly available and so widely used.”
When the tool was leaked in 2017, the NSA finally reached out to Microsoft, who developed a patch – but by then, it was too late and many systems still remained unprotected.
Meanwhile, hackers continue to target areas like Baltimore, San Antonio and Allentown, Pennsylvania – governments that use out of date software. This prompted the Department of Homeland Security last July to issue a warning about the software, urging municipalities to update their infrastructure.
The Allentown attack cost about $1 million to fix, in addition to $420,000 per year in new spending. Matthew Leibert, the city’s chief information officer called the attack “commodity malware” and said: “There are warehouses of kids overseas firing off phishing emails, like thugs shooting military-grade weapons at random targets.”
San Antonio was also hit with an attack last September when a computer inside the sheriff’s office tried to spread EternalBlue across the government’s network. And now, researchers at Palo Alto Networks discovered just last week that a Chinese state group had hacked into Middle Eastern governments using the tool.
Jen Miller-Osborn, a deputy director of threat intelligence at Palo Alto Networks said: “You can’t hope that once the initial wave of attacks is over, it will go away. We expect EternalBlue will be used almost forever, because if attackers find a system that isn’t patched, it is so useful.”
Until about a decade ago, these tools belonged to the NSA only. In fact, they had coined the term “NOBUS”, which stood for “nobody but us” – meaning the NSA thought the vulnerabilities were theirs alone to exploit. But that advantage wore off due to the leaks and because of the fact that anyone can grab the code to a cyber-weapon once it’s posted online.
FBI and Homeland security officials told the New York Times that more accountability at the NSA was needed. A former FBI official said that the leak was akin to the government failing to lock it up “a warehouse of automatic weapons”.
Unfortunately, there doesn’t seem to be accountability at the NSA. Adm. Michael S. Rogers, who was director of the N.S.A. during the leak said: “If Toyota makes pickup trucks and someone takes a pickup truck, welds an explosive device onto the front, crashes it through a perimeter and into a crowd of people, is that Toyota’s responsibility? The N.S.A. wrote an exploit that was never designed to do what was done.”
Microsoft views the situation very differently. Tom Burt, the corporate vice president of consumer trust said: “I disagree completely. These exploits are developed and kept secret by governments for the express purpose of using them as weapons or espionage tools. They’re inherently dangerous. When someone takes that, they’re not strapping a bomb to it. It’s already a bomb.”
It is my sincere desire to provide readers of this site with the best unbiased information available, and a forum where it can be discussed openly, as our Founders intended. But it is not easy nor inexpensive to do so, especially when those who wish to prevent us from making the truth known, attack us without mercy on all fronts on a daily basis. So each time you visit the site, I would ask that you consider the value that you receive and have received from The Burning Platform and the community of which you are a vital part. I can't do it all alone, and I need your help and support to keep it alive. Please consider contributing an amount commensurate to the value that you receive from this site and community, or even by becoming a sustaining supporter through periodic contributions. [Burning Platform LLC - PO Box 1520 Kulpsville, PA 19443] or Paypal
-----------------------------------------------------
To donate via Stripe, click here.
-----------------------------------------------------
Use promo code ILMF2, and save up to 66% on all MyPillow purchases. (The Burning Platform benefits when you use this promo code.)
At least it’s Baltimore & not someplace important.
Better start talking nicely with Israel. Maybe they’ll feel sorry for the NSA and Microsoft. For a few shekels, they’ll solve your problems.
Hackers deserve a MOAB dropped on their location. it’s a nice thought anyhow. This reminds me, has WikiLeaks dumped and embarrassing stuff since Assange’s arrest?
I am so comforted knowing the “Security Experts” in the highest echelons of Government and industry are able to develop secure systems for government, industry, commercial and personal use.
//SARC OFF//
These fucking bozos prove every day that the cybernetic technotronic civilization that is being built is not to be trusted on any level.
Then the A.G.I. is going to take over.
God help us.
Popcorn, make more popcorn. This is turning into a real spectators sport. Heck, it has every other form of entertainment beat all to heck. I think I will make a trip to the store for more beer and some red-hots to go with the popcorn. What will the next crisis be?
Glad my chainsaws aren’t networked.
On autopilot: ‘Pilots are losing their basic flying skills’
“Experts said automation has helped to make aviation one of the safest means of transportation. Because of advanced autopilot systems, aircraft save fuel by flying in an optimal way. They can be landed in fog, a boon to travelers who no longer are diverted to other airports. The systems are so advanced that they can counteract bad judgments by pilots. Automated systems are switched on for about 90% of a typical airline trip, according to government estimates.”
also…
From the FAA
“ADS-B is transforming all segments of aviation. Real-time precision, shared situational awareness, advanced applications for pilots and controllers alike — these are the hallmarks of ADS-B NextGen surveillance.
Real-time ADS-B is used now for air traffic control
General aviation is safer with ADS-B traffic, weather, and flight-information services
Safety and efficiency improve with advanced ADS-B applications
ADS-B improves safety and efficiency in the air and on runways, reduces costs, and lessens harmful effects on the environment.”
It Will Be Required —–> January 1st, 2020.
‘All segments’ means towered airspace will require ADS-B even in a single pilot Cessna plane. i.e. private pilots and planes.
My guess is that the “experts” are not pilots.
I’d trust Chesley ‘Sully’ Sullenberger before flying in a plane with compromised info/software.
Most pilots I know already use an iPad and ‘ForeFlight’ or some other software for real time info and a host of other features like altitude, airspeed, moving maps, GPS etc. It’s nice to have and easy to use, except what I notice is that their head is buried in the cockpit and eyes are on the screen. I can already see the skills diminishing, like the kids in Grammar Skools that cannot read an analogue clock or use a pencil and paper.
How long will it be before this software is defective or compromised (hacked)?
(Boeing 737 max notwithstanding. )
I guess the surveillance is a ‘freebie/gratis’ add on.
I dunno ’bout youse guys but, do you ever have flashes of images come to mind that are of dystopian books or movies that you’ve previously read or seen?
The same concept of increasing loss of motor skills and experience was told to me by a surgeon. He said new surgeons have diminished skills in manual surgical operations precisely due to the abilities of computer aided procedures. Hand to eye coordination and fine motor skills are not utilized as computers and robots take over.
Calling Dr. Lexus. Dr Lexus to operating room #3. STAT.
Well, just wait til Tesla gets hacked. All those Teslas will be dead as the batteries in my old flashlight.
“The government has refused to take responsibility, or even to answer the most basic questions. Congressional oversight appears to be failing.”
Our government has always taken responsibility for global problems it created, starting with…
‘Congressional oversight’ has prevented innumerable calamities, including…
“Over the past year, Russian hackers have also used it to compromise hotel Wi-Fi networks, while Iranian hackers have used it to hack airlines in the Middle East. Of course, there is no evidence that any of these actors were behind the reported hacks.”
Which means ‘foreign actors’ are guilty until they prove our government is NOT preparing to wage war on its shithole cities that are a dropped match away from incineration by their own EBT voter base. Baltimore absolutely should be shut down. Entirely. BRAVO, Deep State!!! Pop a pimple on our ass and squirt pus on our enemies.
Tyler, you are killing my language. . . .
As for the story: THEY wanted the keys to the kingdom. So, they got them. Haha. Ha. Hahahaha. Hahaha. Ha.
Yes this is a bad thing however anything that paralyzes Baltimore City Government and the politicians blathering about could only be an improvement !
hey boat guy,
what’s your mayoral situation?
the last i heard she was on the run–
The city council head had the “deputy mayor” take the oath blah blah blah …
I live in the county northeast of the city where we have trout streams , parks and separate housing communities with blocks of row homes (townhouses) scattered about .
Thanks to the Maryland legislature we are being flooded with indigenous populations of darker former shithole dwellers thanks to section 8 . This of course is destroying the county school system and crime is increasing .
Never fear the left wing new county executive who took over after the last leftist bag of shit died from a rumored cocaine induced heart attack is hot on the trail increasing taxes as businesses and industries fold up shop . He is also making some deal with the new mayor of cooperation to help spread out the shit so the county can circle the drain with the city .
There is a very simple solution to this type of problem. DO NOT EVER use any Microsoft products. It has been publicly known for decades that their products are bug-ridden crap. There are alternatives and alternative companies, which have not come under the control of total pieces of shit like Steve Ballmer. I don’t know if this would happen if Bill Gates had retained control. But I doubt it.
From what has been made public, that effort will not prevent you being back-doored.
If someone wants to hack you, all that needs to happen is that you use an electronic device.
It was admitted that ALL chips have backdoors not long ago.
No matter what is claimed in the future, ALL CHIPS will continue to have backdoors. To believe otherwise is insane at this point.
TOR browser will not prevent it. Linux will not prevent it. ALL electronic communications are monitored. ALL. And all electronic communications can be hacked in all kinds of ways, from backdoors in chips and software/OS to using intercepts to spoof your ISP/Server/Cell/Wifi signals. Even some local cops have Stingray (or far better) spoofers.
YOU WILL BE MONITORED.
Day-yim. That’s a really tough dose of reality served up for breakfast this morning. I was hoping for a omelet and toast instead.
I am thinking about using a computer completely isolated from the internet to write important communication and then passing the printed communication from my hand to someone else’s hand to hand as samizdat .
Imagine the exploits that will take place when “AI” shortly starts running entire systems.
“AI” is just code. A person or another “AI” WILL exploit that code for their own goals.
The picture painted is that “AI” is “smart enough” to “think” for itself and prevent problems/hacking/gaming – I am about 99% positive that is total bullshit.
If someone wants to shut down ALL governments nationwide, that would be wonderful, and even more ironic if they did it with NSA software. The sooner people realize that government has been actively opposing freedom, standing in the way of liberty, etc. the sooner we can get busy organizing society via the free market and voluntary associations. The only people truly dependent on government are the parasites in both the private and business sectors of our economy. Those that take care of their own, are not.
Agreed and well said. You consistently post thoughts that match your moniker and I am of the same mind.
Over the last 20+ years, I have tried to convince friends, family, co-workers and others to take a look at what “libertarian” actually means. I found that many are actually outright “communal-minded”. That is, they are literally afraid to depend mostly/solely on themselves. Like “trained” animals, they have been taught/conditioned to rely on others more than themselves for far too much. A staple of this is their learned/conditoned diminishing beliefs in their own abilities, which translates into their thoughts/decisions/actions leaning toward group-reliance instead of self-reliance for anything beyond the most basic decisions/actions. It is self-destructive behavior that the vast majority seem blind to.
Around 10-12 years ago, just when I thought I had many convinced to take a harder look – after much of what I had been pointing out for 10+ years became “common” knowledge and openly accepted and made it harder and harder to ignore and belittle what I was claiming (Stuff like “all electronic communications are monitored and searched for key words and there are “lists”, and monitoring of individuals and many other violated rights, and all voting that matters is rigged, all real levers of power are controlled by criminals, 9/11 was MIHOP or LIHOP, on and on” – I began those rants not long after 9/11 and lost many friends family for it – I just read more than they did and used the internet for different info. than they did, so I knew about the monitoring and other absurdities) and just when it started to sink in on some…
It was like TPTB knew (not from me, but from a critical-mass saying stuff like me – maybe you Mr. Libtery were saying similar things at the time) and all of a sudden, definitions were changed, people that knew jack-diddly about austrians/libertarians like mises, rothbard, mencken, garet garret or even lew rockwell were posting everywhere and spouting off incorrect and contradictory crap all over the place. The mainstream, and loudly repeated, definition of “Libertarian” came to be thought of as: selfish, crazy, shack dweller equivalent to the Unabomber – the opposite of what the non-aggression principle stands for with regard to property rights and decentralized voluntary cooperation. That lie was put out by TPTB with vigor and purpose to smear the mindset….more conditioning for the group-reliance types (alpha and beta rats – not the self-dependent and individual gamma rats if you are familiar with the research).
I often wonder if this thought process toward liberty, the individual, and decentralization will ever be a goal for anything but a small percentage of people that believe in themselves – the remnant. The Gamma-Rats are only ever a few percent…
“after much of what I had been pointing out for 10+ years became “common” knowledge and openly accepted and made it harder and harder to ignore and belittle what I was claiming”
It goes instantly from “conspiracy theory” to “so what”. From “you’re paranoid” to “you must be doing something criminal in secret”.
I’ll hand it to TPTB on one thing: as far as MC and creating and managing groupthink, they sure know what they’re about.
Liberty is a high risk lifestyle. That said it cannot be accomplished alone. Real liberty depends upon our relationships with family, friends and community and they, in turn, thrive in those environments where liberty is the highest ideal.
The problem is that the vast majority of the species are attracted to the cream that rises in liberty based communities; safety, cooperation, innovation, technical proficiency, stable levels of production, surpluses. In PC-speak, ‘safe neighborhoods and good schools’. Those people however do not necessarily want to contribute to it, but rather strip mine it for all of its benefits simply by arriving with their needs and desires. The USA and the current invasion is a perfect example. These new arrivals aren’t coming because of the draw of liberty, but of plenty.
In the past true ‘libertarian’ communities had the protection of their high percentage of risk taking alphas and the space offered as a buffer by the frontier where most libertarian communities thrive.
People interested in the state of true liberty- not just the freedom aspect, but the risk/reward drive- are always going to be a statistical minority. The majority wants to share in their surpluses and advances, but not actively participate. And of course that always turns into a situation where force of the majority is used to reallocate the basis for success to those who cannot achieve it themselves by stripping it from the creators which leads to their expulsion and/or flight from oppression.
This is an absolutely fantastic and insightful response to what I posted HSF. Thank you.
I especially relate to the opener:
That line is fundamentally awesome and inspiring and means FAR more than the words themselves because of the unspoken half: the rewards you mention above that spring forth from the risks of liberty. Your line should be written in the sky for all to ponder, at least once per day, every day – forever.
Seems we’re the minority that sees this as good news.
Fuck NSA
https://www.foxnews.com/entertainment/wjz-anchor-mary-bubala-ousted-question-baltimore-mayors
Adm. Idiot; Toyota is NOT government.
So what did this “hack” do to the evidence against that worthless mayor of theirs? Did any of it magically “vanish,” or was it “tied up” to vanish later?? Would make a good cover (kind of like blowing up the Pentagon right in the area where all the evidence is kept regarding the $1 trillion that was declared “missing” just the day before).
You may have hit the nail here M.L..
Ya gotta wonder how much someone in charge paid for a false-flag-hack in this case?
Now that’s the kind of thinking that got me shunned after 9/11 and my ranting about Trillion Dollar Rummy manipulations and criminals and dancing Israelis and put options and obvious implosions and a building not hit with debris and…!