A key component of malware used by hackers to disrupt U.S. cities, paralyzing local governments and frustrating residents, was developed by the National Security Agency (NSA), The New York Times reported.
The NSA reportedly lost control of the tool, called EternalBlue, in 2017.
After that, it was used across the globe by hackers in Russia, China and North Korea, according to the Times, which added that it has affected hospitals, airports, shipping operators, ATMs and factories.
More recently, it has been used against a number of U.S. cities, including the recent high-profile ransomware attack on Baltimore in which computers were frozen and water bills, health alerts, real estate sales and other services were disrupted, the newspaper reports.
On May 7, city workers' screens suddenly locked and a message demanded $100,000 to free the city’s files. Baltimore has not paid and almost three weeks later remains affected.
According to the Times, damage from these attacks would be less vast without EternalBlue.
The NSA and FBI declined to comment to the Times, which reported that the NSA still hasn’t acknowledged the theft of the cyberweapon or know whether the group responsible, which calls itself the Shadow Brokers, is made up of foreign spies or disgruntled federal employees.