Hero or hacker?

9th November 2020

We did a recent article on one of the biggest ransomware attack in history known as the WannaCry attack. However, you may not have heard the incredible story of how it was stopped.

We’ll start back in May 2017 when WannaCry first began to show its ugly face. Most Ransomware requires a user to do something in order for it to gain access to their machine such as click a link. WannaCry, however was unique. It was so effective due to the fact that it could spread itself. It would search operating systems in order to find a back-door entrance and once it was in it would then encrypt every piece of data on the machine rendering it completely unusable. The hackers would then ask for money in exchange for the return of the victim's data. As you can guess if they received the money the data would not be given back, and the victims would be left with no way to get their money or data back. It even hit big companies like Nissan and FedEx.

With WannaCry running rampant, desperate times called for desperate measures. There was only one way to stop a group of malicious hackers…with another hacker. Marcus Hutchins was normal kid born in Devon. Up until the age of 15 he led a very normal life up until he found that he was particularly skilled with computers. He began his life as a hacker by simply installing gaming software on to the PC’s at his school. This then escalated to stealing passwords. His school correctly suspected him of these attacks, and he became an outcast. This led him to join a particularly dangerous hacking forum, one which would lead him down a dark path.

He began to create botnet’s which stole data and shut down computer systems. At first, he was doing good with this but along came a particularly dangerous hacker known only as Vinny. At first, he was nice to Marcus to gain his trust but once Marcus showed signs of wanting to get out of the hacking game, he began to blackmail him by saying he knew where Marcus lived and would turn him over to the FBI if he didn’t do what he wanted. He used Marcus to make hacking kits to steal financial information which just kept escalating until Marcus created Kronos, one of the most powerful hacking tools on the internet. It was responsible for stealing a lot of people’s personal and financial data.

As bad as this may sound, these kinds of skills were exactly what was exactly what was needed for him to beat WannaCry. Early 2017 he started a forum which he uploaded blogs to which contained information on the strengths and weaknesses of specific malware and ransomware. This was spotted by the CEO of the company Kryptos Logic who contacted him to see if he was available to help stop them some of these attacks. They started off by getting him to stop smaller scale attacks like the one on Lloyds Bank, but once WannaCry came along, Marcus’s true test began. He was one of the first people to become aware of the attack. The battle with WannaCry began by him setting up a fake domain to lure the worm in and allow Kryptos Logic to track it. Once this was done, they were able to find a patch that would allow outdated PC’s to protect themselves from the virus and French tech developers found a way to unlock PC’s effected by the virus.

Marcus had managed to stop the WannaCry attack, the most vicious ransomware attack in history, stopped by a teenage boy from Devon. He was a hero, right? Well…the FBI didn’t feel that way as Marcus was arrested when he attempted to return to the UK. However, it didn’t take long before the tech world swarmed to his aid to pay his bail with bitcoin and stolen credit cards. This obviously didn’t go well but he was eventually released and after a long debate, was given 3 years' time served plus a year of supervised release (which he is still serving). Although they still wanted to arrest Marcus for the crimes he had committed, the FBI's true intentions were to use him to find Vinny, the man who tried to blackmail him previously and once they found he had no information that could help them, they went slightly easier on him.

So, in saving the internet, Marcus exposed his dark past and was in turn punished for it. But what do you think? Is Marcus a hero or hacker? Did he get what he deserved? The moral of the story for Marcus is that crime doesn’t pay, even if you try to redeem yourself. The moral of the story for the people who fell victim to WannaCry however, is that if they had kept their kit up to date then they might not have fallen victim to the attack as easily as they did. We know you’ll be hard at work during these tough times. We all are, and you may not have time to look after your IT as well as you should. That is what we are here for. If you need a professional and established IT company to monitor and maintain your companies IT, get in touch.

Image: Technology vector created by pikisuperstar - www.freepik.com