Marcus Hutchins named as man who stopped global cyber attack in its tracks
A 22-year-old surfer who works from home has been hailed as the man who
accidentially saved the world from the spread of the global cyber
attack.
THE man who stopped a global cyber attack in its tracks with a simple “kill switch” has been named as a 22-year-old surfer from Devon, UK.
Self-taught cyber expert Marcus Hutchins has been labelled a “hero” for his role in stopping the global cyber virus that hit more than 200,000 companies and organisations in 150 countries around the world since Friday afternoon.
On his website, Malware Tech, Hutchins wrote a post called “How to Accidentally Stop a Global Cyber Attacks (sic)” where he explained what happened that day.
“I woke up at around 10 AM and checked onto the UK cyber threat sharing platform where I had been following the spread of the Emotet banking malware, something which seemed incredibly significant until today,” he said.
“There were a few of your usual posts about various organisations being hit with ransomware, but nothing significant … yet. I ended up going out to lunch with a friend, meanwhile the WannaCrypt ransomware campaign had entered full swing,” he said.
After returning home later in the afternoon he realised “this was something big” and began working with friends online to find out how the virus was spreading. He noticed the malware “queried” an unregistered domain address which he bought for around $15.
He then pointed it to a “sinkhole”, which is a server designed to capture “malicious traffic” and is something Mr Hutchins does as part of his day job, he said.
While he did not realise it yet, this simple act had “unknowingly killed the malware” with suggestions the domain had become a “kill switch” to prevent the virus spreading further.
But Mr Hutchins, who lives at home and works from his bedroom, also warned users it’s not over yet.
“One thing that is very important to note is our sinkholing only stops this sample and there is nothing stopping them removing the domain check and trying again, so it’s incredibly important that any unpatched systems are patched as quickly as possible,” he said.
He’s
since been inundated with media attention and is working with the UK
cyber security agency GCHQ to help prevent the spread of the virus as
office workers return to their desks on Monday.
Mr Hutchins was also praised by the UK National Cyber Security Centre who credited him with stopping 100,000 infections.
“These industry partners have helped by offering us intelligence from the sinkholes Wannacry domain,” the agency said online.
The virus has hit healthcare systems, shops, schools and companies around the world, with the Microsoft President likening it to the theft of a Tomahawk missile.
Exactly where and how it originated is unknown but thousands of bitcoin accounts are under surveillance after hackers demanded payments in the anonymous online currency. It’s believed around $52,000 has already been paid, according to BBC analysis.
Australia has been hit by the virus although the government said it had been spared the worst effects with five businesses confirmed to have been impacted.
Cyber Security Minister Dan Tehan has urged Australian small businesses to take urgent action to update systems and security. Many of those hit were running outdated software with security flaws.
“This ransomware attack is a wake-up call to all Australian businesses to regularly back up their data and install the latest security patches,” Mr Tehan said.
THE man who stopped a global cyber attack in its tracks with a simple “kill switch” has been named as a 22-year-old surfer from Devon, UK.
Self-taught cyber expert Marcus Hutchins has been labelled a “hero” for his role in stopping the global cyber virus that hit more than 200,000 companies and organisations in 150 countries around the world since Friday afternoon.
On his website, Malware Tech, Hutchins wrote a post called “How to Accidentally Stop a Global Cyber Attacks (sic)” where he explained what happened that day.
“I woke up at around 10 AM and checked onto the UK cyber threat sharing platform where I had been following the spread of the Emotet banking malware, something which seemed incredibly significant until today,” he said.
“There were a few of your usual posts about various organisations being hit with ransomware, but nothing significant … yet. I ended up going out to lunch with a friend, meanwhile the WannaCrypt ransomware campaign had entered full swing,” he said.
After returning home later in the afternoon he realised “this was something big” and began working with friends online to find out how the virus was spreading. He noticed the malware “queried” an unregistered domain address which he bought for around $15.
He then pointed it to a “sinkhole”, which is a server designed to capture “malicious traffic” and is something Mr Hutchins does as part of his day job, he said.
While he did not realise it yet, this simple act had “unknowingly killed the malware” with suggestions the domain had become a “kill switch” to prevent the virus spreading further.
But Mr Hutchins, who lives at home and works from his bedroom, also warned users it’s not over yet.
“One thing that is very important to note is our sinkholing only stops this sample and there is nothing stopping them removing the domain check and trying again, so it’s incredibly important that any unpatched systems are patched as quickly as possible,” he said.
Britain’s NHS has been subject to outages and delays from the virus. Picture: AFP PHOTO / Niklas HALLE'NSource:AFP
Mr Hutchins was also praised by the UK National Cyber Security Centre who credited him with stopping 100,000 infections.
“These industry partners have helped by offering us intelligence from the sinkholes Wannacry domain,” the agency said online.
The virus has hit healthcare systems, shops, schools and companies around the world, with the Microsoft President likening it to the theft of a Tomahawk missile.
Exactly where and how it originated is unknown but thousands of bitcoin accounts are under surveillance after hackers demanded payments in the anonymous online currency. It’s believed around $52,000 has already been paid, according to BBC analysis.
Australia has been hit by the virus although the government said it had been spared the worst effects with five businesses confirmed to have been impacted.
Cyber Security Minister Dan Tehan has urged Australian small businesses to take urgent action to update systems and security. Many of those hit were running outdated software with security flaws.
“This ransomware attack is a wake-up call to all Australian businesses to regularly back up their data and install the latest security patches,” Mr Tehan said.
Government seeks answers on cyber-attack
Posts
No comments: