An NSA cyber weapon is reportedly being used against American cities by the very adversaries it was meant to target

Military Tech

Staff Sgt. Wendell Myler, a cyber warfare operations journeyman assigned to the 175th Cyberspace Operations Group of the Maryland Air National Guard monitors live cyber attacks on the operations floor of the 27th Cyberspace Squadron, known as the Hunter's Den, at Warfield Air National Guard Base, Middle River, Md., June 3, 2017

In less than three years after the National Security Agency found itself subject to an unprecedentedly catastrophic hacking episode, one of the agency's most powerful cyber weapons is reportedly being turned against American cities with alarming frequency by the very foreign hackers it was once intended to counter.


An explosive New York Times story published Saturday detailing how the NSA's Tailored Access Operations lost control of its so-called 'EternalBlue' malware tool to a cadre of hackers known as the Shadow Brokers, which subsequently publicized the agency's software exploits on the internet and passed them along to hackers associated with Russia, China, and North Korea

The Shadow Brokers' disclosure reportedly came thanks to a 54-year-old former contractor Harold Martin III, who plead guilty in March 2019 for, among other things, taking classified documents and electronic devices home with him for more than 20 years in what government officials characterized as the biggest leak of classified information in U.S. history.

The New York Times story comes in the midst of an ongoing cyberattack on the city government of Baltimore that has paralyzed critical infrastructure and halted daily important transactions from home sales to utility payments. But apparently, the NSA connection wasn't publicly known before Saturday — and the first four paragraphs of the Times story will absolutely make your blood boil:

For nearly three weeks, Baltimore has struggled with a cyberattack by digital extortionists that has frozen thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.

But here is what frustrated city employees and residents do not know: A key component of the malware that cybercriminals used in the attack was developed at taxpayer expense a short drive down the Baltimore-Washington Parkway at the National Security Agency, according to security experts briefed on the case.

Since 2017, when the N.S.A. lost control of the tool, EternalBlue, it has been picked up by state hackers in North Korea, Russia and, more recently, China, to cut a path of destruction around the world, leaving billions of dollars in damage. But over the past year, the cyber weapon has boomeranged back and is now showing up in the N.S.A.'s own backyard.

It is not just in Baltimore. Security experts say EternalBlue attacks have reached a high, and cybercriminals are zeroing in on vulnerable American towns and cities, from Pennsylvania to Texas, paralyzing local governments and driving up costs.

To be clear: the NSA built a malware tool capable of disabling the computer systems that control everything from payroll to power grids, lost it, and then basically kept its mouth shut as its own tool was turned against them by the very enemies they were meant to target in the first place.

This is basically the cyber equivalent of the GBU-43/B Massive Ordnance Air Blast bomb falling into the hands of ISIS fighters in Nangarhar because some personnel assigned to U.S. Forces Afghanistan delivered the schematics by hand.

Even worse, it casts a major shadow over the aggressive cyber defense plan that the Pentagon rolled out last year to "[defend] forward to intercept and halt cyber threats."

It's also worth noting that Martin's 2016 arrest and the Shadow Broker's subsequent leak of NSA hacking tools occurred just over three years after Edward Snowden pulled back the curtain on the agency's vast domestic surveillance apparatus.

But while a narrow majority of Americans tended to support the NSA's domestic surveillance missteps in the aftermath of the Snowden disclosures, they may not be so forgiving when their light start going out.

SEE ALSO: When Does A Cyber Attack Constitute An Act Of War? We Still Don't Know

WATCH NEXT: The Navy's 'Sky Penis' Incident (A Dramatic Reading)

Naval Air Station Pensacola (U.S. Navy photo)

WASHINGTON (Reuters) - The Saudi ambassador to the United States visited a U.S. naval air station in Florida on Thursday to extend her condolences for a shooting attack by a Saudi Air Force officer that killed three people last week, the Saudi embassy said.

Read More Show Less

WASHINGTON (Reuters) - The Pentagon on Thursday tested a conventionally configured ground-launched ballistic missile, a test that would have been prohibited under the Intermediate-range Nuclear Forces Treaty.

The United States formally withdrew from the landmark 1987 INF pact with Russia in August after determining that Moscow was violating the treaty, an accusation the Kremlin has denied.

Read More Show Less
U.S. Air Force airmen from the 405th Expeditionary Support Squadron work together to clear debris inside the passenger terminal the day after a Taliban-led attack at Bagram Airfield, Afghanistan, Dec. 12, 2019. (U.S. Air Force/Airman 1st Class Brandon Cribelar)

Blasts from Taliban car bombs outside of Bagram Airfield on Wednesday caused extensive damage to the base's passenger terminal, new pictures released by the 45th Expeditionary Wing show.

The pictures, which are part of a photo essay called "Bagram stands fast," were posted on the Defense Visual Information Distribution Service's website on Thursday.

Read More Show Less
Retired Navy Seal Floyd McLendon. (Business Insider)

Editor's Note: This article originally appeared on Business Insider.

A retired Navy SEAL running for Congress wore a U.S. Navy dress white uniform at a recent campaign event, Business Insider has learned.

Republican candidate Floyd McLendon of Texas spoke to an audience at his campaign kick-off event in November, wearing the Navy uniform adorned with numerous medals — including what appeared to be the Navy SEAL Trident, the insignia reserved for members of the elite community like McLendon.

The inaugural event in Dallas was held in the 30th congressional district, a different district than the one McLendon is running in. Political strategists in Texas described the venue's location as highly unusual for a House candidate.

Read More Show Less

The Pentagon's top spokesman tried to downplay recent revelations by the Washington Post that U.S. government officials have consistently misled the American public about the war in Afghanistan for nearly two decades.

Washington Post reporter Craig Whitlock first brought to light that several top officials acknowledged to the Office of the Special Inspector General for Afghanistan Reconstruction that the war was going badly despite their optimistic public statements. The report, based on extensive interviews and internal government data, also found that U.S. officials manipulated statistics to create the public perception that the U.S. military was making progress in Afghanistan.

Read More Show Less