I think most people would be shocked to find out how easy this kind of attack is to pull off.
The NSA in the recent past had a major security breach when their most sensitive computer hacking tools were released to the internet along with their source code.
I am 100% certain these tools quickly made their way around the Dark Web and have been used and enhanced since their release.
In this article, it was an employee who opened an attachment in an infected email that caused the outbreak.
The problem is VPNs, Firewalls, etc...won’t help is people are careless which is what happened this time.
That’s why of all the SHTF situations I’m most afraid of Cyber Attacks, a relatively few people armed with nothing more than a laptop can cause massive damage.
In this case, the cost of protection is much higher than most municipal governments can afford compared to the attacker who only needs a laptop and internet connection.
Apples and oranges. Leaked NSA tool from wikipedia: "EternalBlue exploits a vulnerability in Microsoft's implementation of the Server Message Block (SMB) protocol. This vulnerability is denoted by entry CVE-2017-0144[9][10] in the Common Vulnerabilities and Exposures (CVE) catalog. The vulnerability exists because the SMB version 1 (SMBv1) server in various versions of Microsoft Windows mishandles specially crafted packets from remote attackers, allowing them to execute arbitrary code on the target computer.[11]"
An employee opening an attachment, or an employee downloading malware from a hacked website, or an employee picking up a thunb lying on the ground, or an employee downloading an "app" from a fake app store, or the cleaning crew inserting malware, or a dozen similar scenarios, has nothing to do with the NSA hacking tools which use remote exploitation.
They are both problematic and can have similar consequences. But with the former you are attacked. With the latter it is happenstance enabled by stupid employees.