A fiery debate has erupted within the information security community over who is to blame for the mess for the cyber attack that brought down several cities in the US last week. Refer to our posting - The Return of EternalBlue; or Was it ever Vanguished?
A story in the New York Times claimed that the U.S. National Security Agency (NSA) is partly responsible for helping to spread the computer-seizing digital infection that caused and disrupted the government in several US cities. Because NSA lost control of this hacking tool, an alleged "key component" of the latest ransomware, according to The Times, the paper lays blame at the spy agency’s feet.
Pursuant to the issuance of that story, several cybersecurity professionals in the US generally responded by saying that yes, ransomware increasingly includes EternalBlue as part of their arsenal of attacks, but this doesn’t mean EternalBlue is responsible for ransomware.
The cybersecurity professionals who were quoted and were part of the online debate said if EternalBlue truly was key to the Baltimore attack, as The Times initially reported, then it would appear that these cities had for years failed to update its computer systems to defend against a known, critical vulnerability. Microsoft released a patch in 2017; the exploit works on machines running Windows software that’s two years out of date. The harsh truth: these US cities should have been better prepared.