Good question, and as usual the US is of the eye of the controversy. As reported by media across the world including the economic times India, and telegraph UK, the bug was initially used by the NSA (National Security Agency) for purposes of espionage on enemy states and terrorists. However early this year, one of the tools called Eternal Blue was leaked online and was used in the present cyberattack.
A cyber gang called the Shadow Brokers claimed in April that it had stolen the cyber weapon Eternal Blue form the NASA which has now given it unprecedented access to computers using windows worldwide. The weird aspect of the attack is the fact that Microsoft had issued a patch to users on March 14 for protection against Eternal Blue yet it seems no one took them seriously. Perhaps Microsoft should have informed users about the potential seriousness of the future risks involved. Once the attackers gained access, they created Wannacry ransomware and scheduled a well planned premeditated attack worldwide.
Image Source: salt.zone
A cybersecurity researcher has discovered a kill switch that can prevent the spreads of wannacry ransomware temporarily. However he advises users to patch their systems and have them updated immediately. "Essentially they relied on a domain not being registered and by registering it, we stopped their malware spreading," @MalwareTechBlog told Agence France-Presse in a private message on Twitter.
Although the criminals can be caught, it will be extremely difficult. Money is already flooding their accounts which can be tracked to see where the bitcoins end up. Bitcoins funds can be traced through the bitcoin system. For now the best way to remain protected is not to open any email that seems suspicious. Don’t download any attachment from senders not recognized. Neither should programs and software be downloaded from unfamiliar sources.
How do you stop wannacry ransomware from spreading