Guess which list unites North Korea, Iran, China, Russia, Israel and the United States? These are all the nations that have not signed the Paris Call for Trust and Security in Cyberspace — Emmanuel's Macron's effort to stop cyber-attacks in peacetime.
The US's National Security Agency (NSA), often portrayed in the media as the most technologically advanced intelligence agency in the world, and routinely resorts to hacking and cyber-attacks in order to steal the information they need. To do so, tech geniuses on government payrolls write "tools" — malware programs designed specifically to strike at vulnerabilities found in operational systems, including the US-made Windows OS family.
And then these programs get leaked.
Now the NSA-written malware is rampaging Baltimore, Maryland. The exact geography of the affected computers is undisclosed as Microsoft is trying to keep the lid on the outbreak, but it is likely that other cities were affected as well, the Times report says.
The malware is capable of paralyzing hospitals, airports, rail and shipping operators, ATMs and factories. Local US governments that use aged software and hardware are particularly vulnerable to EternalBlue attacks, according to the Times.
On 7 May, Baltimore city workers were hit with a classic ransomware attack. The malicious software locked the workers out of their computers and displayed a message written in remarkably poor English.
"We're watching you for days and we've worked on your systems to gain full access to your company and bypass all of your protections," the note on the screen warned against calling the FBI and demanded $100,000 in Bitcoin as ransom.
"We won't talk more, all we know is MONEY!" the note said. "Hurry up! Tik Tak, Tik Tak, Tik Tak!"
Earlier in February, Allentown, Pennsylvania was also hit with an EternalBlue-based attack. It cost the city $1 million to remedy and $400,000 for new defences, according to the Times. In September, the malware hit San Antonio, Texas, locking the local sheriff's office.
The Times reported that EternalBlue has become the favourite tool of the trade for government hackers. The 2016 WannaCry attack, attributed to North Korea and 2017 NotPetya attack, blamed on Russia, is said to be all based on EternalBlue. Iran has been accused of hacking airline networks in the Middle East, and China is said to have targeted Middle Eastern governments using the same tool.
"These exploits are developed and kept secret by governments for the express purpose of using them as weapons or espionage tools. They're inherently dangerous," says Tom Burt, Microsoft's Vice President of Customer Security and Trust. "When someone takes that, they're not ‘strapping a bomb' to it. It's already a bomb."