Quick Hits

*** The General Services Administration has two new executives in top staff and technology slots. On May 28, the agency announced the appointments of Julie Dunne as senior advisor to GSA Administrator Emily Murphy and Reynold Schweickhardt as senior advisor for technology for the agency.

Dunne will provide strategic counsel to Murphy on acquisition policies and legislation, while Schweickhardt will provide strategic guidance on the agency's technology transformation portfolio, GSA said in its May 28 statement.

Dunne had been staff director for the House Oversight and Government Reform Committee's Government Operations Subcommittee. She also has experience as senior counsel on the Senate Homeland Security and Governmental Affairs Committee and has worked as a government contracts attorney at a Washington, D.C., law firm.

Schweickhardt came to GSA from the House of Representatives where he was director of technology policy, providing oversight on all House IT programs. Before that he served at the Government Printing Office as CTO, CIO and acting chief of staff.

*** A recent New York Times article claims that a key component of the malware used in the recent Baltimore ransomware attack was EternalBlue, a hacking tool initially developed by the National Security Agency and later leaked to the public by the mysterious Shadow Brokers group in 2016. Now Baltimore officials are using the article to press for federal assistance to recover from the attacks.

In a May 25 statement, Baltimore City Council President Brandon Scott cited the article while asking Maryland Gov. Larry Hogan to formally request that the federal government declare the cyberattack a national emergency, a move that would entitle the city to federal dollars to reimburse costs incurred for damages and repairs to the thousands of computers frozen as well as the disruption to city services.

"Given the new information and circumstances it's even more clear that the federal government needs to have a larger role in supporting the city's recovery, including federal reimbursement for damages," said Scott.

The story has kicked off a heated debate among information security professionals about whether the blame should primarily fall on the NSA for developing the exploit or the city government for not updating its software nearly two years after Microsoft released a patch for the flaw.