Over the last month and a half, there have been two massive, worldwide cyberattacks, both ransomware attacks targeting Windows computers. Both also used the EternalBlue exploit, which was discovered and developed by America’s NSA as a cyberweapon for itself.
These attacks have shut down airports, hospitals, and major businesses around the world, including in the United States, and the fact that these attacks are based on NSA-made, and NSA-lost, cyberweapons are an uncomfortable fact for a US government trying to present itself as not having a huge deleterious effect on the Internet.
The NSA is following their usual strategy of not acknowledging that this is a thing at all, while the White House is arguing that it’s unfair that following the cyberattacks people are focusing on who made the weapons, and not on the anonymous groups that happened to use it in individual cases.
That’s in keeping with a long-standing US policy to just randomly blame big cyberattacks on whatever nation they happen to be mad at at the time. The WannaCry attack in May was blamed on North Korea, and officials like to insinuate that the NotPetya attack is Russian, even though Russia is among the nations most heavily hit.
There’s no evidence for either of those attributions of blame, unlike the very clear evidence that the NSA made the cyberweapons, and that even after those weapons got out, the NSA did nothing to help the software and security companies patch the exploits.
EternalBlue is just one of several NSA exploits that got out when an unknown group called the Shadow Brokers stole and leaked the data, and while it’s been favored in the big attacks so far, now that the exploit has been patched, it’s going to slowly be less effective as people install the patch, and future attacks will move on to other exploits, and variants thereof.
Official concede they are very seriously concerned about the amount of damage the cyberweapons will ultimately do, including to critical infrastructure. They are largely trying to brand this as a problem because of America’s enemies, but the reality is that none of this would be possible without the NSA’s policy of stockpiling a massive set of exploits for all these critical computers, and making no effort to get them fixed after they lost control of them.