Apples and oranges. Leaked NSA tool from wikipedia: "EternalBlue exploits a vulnerability in Microsoft's implementation of the Server Message Block (SMB) protocol. This vulnerability is denoted by entry CVE-2017-0144[9][10] in the Common Vulnerabilities and Exposures (CVE) catalog. The vulnerability exists because the SMB version 1 (SMBv1) server in various versions of Microsoft Windows mishandles specially crafted packets from remote attackers, allowing them to execute arbitrary code on the target computer.[11]"
An employee opening an attachment, or an employee downloading malware from a hacked website, or an employee picking up a thunb lying on the ground, or an employee downloading an "app" from a fake app store, or the cleaning crew inserting malware, or a dozen similar scenarios, has nothing to do with the NSA hacking tools which use remote exploitation.
They are both problematic and can have similar consequences. But with the former you are attacked. With the latter it is happenstance enabled by stupid employees.
The External Blue Exploit is just what we were told, you to think the NSA has many other hacking tools besides that one.
Plus a direct attack from someone actively penetrating the network remotely or sending malware via email is not different in my mind they are both attacks......
True a stupid employee opened the attachment but it’s still an attack which cost the city approximately $600,000
Besides in a DDOS attack hundreds if not thousands of computers become infected with malware that can all be remotely activated in a coordinated attack.
I would imagine most of those were via email attachments, which then when activate all attack another computer target acting as Bots.....
So regardless of how it happens it is still an attack.