Cybersecurity

Dem rep demands info on ransomware attack from NSA

Rep. Ted Lieu (D-Calif.) is calling on the National Security Agency (NSA) to release what it knows about a massive ransomware attack that surged across the globe this week.

In a letter to NSA Director Michael Rogers, Lieu urged the agency to deploy a “kill switch” to shut down the ransomware — if one exists — and warned that the infection could open up the floodgates for a series of cyberattacks based on leaked NSA hacking tools.

“As a computer science major, my long-term fear — which is shared by security researchers — is that this is the tip of the iceberg and many more malware attacks will soon be released based on NSA’s hacking tools,” Lieu writes.

The ransomware that swept across Europe and parts of the U.S. and Asia on Tuesday exploits the EternalBlue vulnerability in Microsoft Windows software that allows it to essentially hold computer files hostage unless the user pays for a $300 decryption key.

{mosads}EternalBlue was among a trove of NSA hacking tools leaked to the anti-secrecy organization WikiLeaks last month by a hacker group called the ShadowBrokers.

The cyberattack on Tuesday was the second time in less than two months that a massive ransomware attack infected and disrupted computers and networks around the globe. Another malicious software, dubbed WannaCry, ravaged Britain’s National Health Service and computers across Europe last month.

Lieu called on Wednesday for the NSA to work with Microsoft and other software manufacturers and tech companies to identify possible vulnerabilities that could be exploited by hackers. 

“Whatever the cause of the ShadowBrokers leak, the fact remains that these classified exploitation tools are now publicly available,” he wrote. “I strongly believe it is now NSA’s duty to work with appropriate stakeholders to ensure that American citizens, businesses and government entities are adequately protected from NSA-inspired malware attacks.”