From May 7, the Baltimore City government is handling a ransomware attack that blocks everything from e-mails to a system where residents pay for water, buy homes and provide other services. According to a report by The New York Times the tool that neutralized the city was the creation of the National Security Agency called the EternalBlue, and was used in other famous cyber attacks.
According to security experts, hackers used EternalBlue. EternalBlue exploits the vulnerability on certain versions of Microsoft Windows XP and Vista systems, allowing external parties to execute remote commands on the target. The tool was leaked by the hacking group The ShadowBrokers in April 2017, and within a day Microsoft issued a patch to fix the exploit. However, patching the system does not mean that the vulnerability has been completely terminated. The user must first apply the patch. Hackers using EternalBlue were then responsible for major cyber attacks, such as Wannacry in May 2017 and NotPetya attacks on Ukranian banks and infrastructure in June 2017.
The Baltimore Attack is a recent example of the use of this malware A recent report by WeLiveSecurity emphasizes that usage is increasing, especially compared to US goals. "Nearly a million computers are in the wild using the currently unused SMB v1 protocol," he said, "because the security practices are bad and the patches are scarce and the malicious use of the EternalBlue continues to increase."  Baltimore's computers were hit by ransomware attacks earlier this month, and city officials said they would not pay through the New York Times . ]) Ransom of $ 76,000. In cities, we started to implement some workarounds to manually deal with real estate transactions and set up the Gmail system for city workers. We originally closed it, but have since restored it. Meanwhile, Baltimore Sun reported that the city's IT department is trying to improve security while restoring access to the city's systems.