- What is my age:
Individuals who hold dual citizenship are not precluded from applying for positions at NSA. Dual citizenship may raise questions about foreign preference or loyalty, and will need to be resolved before a clearance can be granted. These concerns can vary from case to case and will be addressed on an individual basis. All applicants for employment are considered without regard to age, color, disability, genetic information, national origin, race, religion, sex, sexual orientation, marital status, or status as a parent.
Politicians representing a US city struck by a ransomware attack are asking questions of the National Security Agency after claims it helped make the breach possible. The New York Times reported on Saturday that a hacking vulnerability known as EternalBlue has been exploited to blackmail Baltimore's local government.
Md. leaders seek briefing from nsa on report that nsa tool was used in ransomware attack
The NSA discovered the flaw, but the paper claims that its cyber-spies kept the discovery secret for years. But the report has particular resonance as the organisation is headquartered at Fort Meade, Maryland, which is a short drive from Baltimore.
It involves a bug in old versions of Microsoft's Windows operating system that allows other malicious code to be run on infected computers. The New York Times said the agency did not disclose the problem to Microsoft for more than five years until a breach forced its hand. Microsoft released a fix for EternalBlue flaw in March The NSA has never confirmed how it came to lose control of its code nor officially commented on the affair.
National security agency
But the suggestion is that if it had shared its findings with Microsoft at an earlier stage, fewer PCs would have been exposed to subsequent attacks that made use of the vulnerability. Thousands of Baltimore's city government computers were frozen on 7 May after their files became digitally scrambled. In addition, staff have been unable to send or receive s from their normal s. Some security experts say if EternalBlue is truly involved, then IT managers should have installed a patch long ago.
Eternalblue was released over two years ago. If an organization has substantial s of Windows machines that have gone 2 years without patches, then that's squarely the fault of the organization, not Eternalblue.
But one consultant noted that this may have been easier said than done. It's not exactly the talk of the town here - after all, it's not like Facebook has gone down, merely crucial public services.
Baltimore ransomware attack: nsa faces questions
For those who have been affected, it's very frustrating - a delayed house sale here, a new business that can't open on schedule there. Another told me they couldn't go online to pay a parking ticket - that's not as fortunate as it sounds, trust me. A further kick in the teeth for this city is the suggestion that this attack used an exploit discovered not by the Russians or Chinese, but by an organisation based just 20 miles away - the US National Security Agency.
City officials want answers on that, but locals don't want it to be a scapegoat.
There have been repeated warnings here about severe underinvestment in government IT infrastructure. Google thwarts ransomware fightback.
No end in sight for Baltimore ransomware shutdown. The NSA declined to comment.
Ethical hackers take bugs to the bank Google thwarts Baltimore ransomware fightback Baltimore government held hostage by hackers' ransomware. lock-out.
The authorities refused. The BBC is not responsible for the content of external sites.
Baltimore ransomware attack involved nsa’s eternalblue hacker tools: report
View original tweet on Twitter. On the ground in Baltimore:.
Related Topics. Cyber-security National Security Agency. More on this story. Published 24 May Published 23 May