How local hero Marcus Hutchins was able to stop the NHS cyber attack

Sam Richards
Authored by Sam Richards
Posted Tuesday, May 30, 2017 - 8:30am

The cyber attack that affected much of the NHS' services in the middle of May was halted by a local North Devon man.

22-year-old Marcus Hutchins became famous overnight after he accidentally stopped the attack by activating an in-built "kill switch".

Hutchins, who works for an American cybersecurity firm from his home in Ilfracombe and grew up locally, is credited with stopping the spread of the virus. The young computer whizz kid has been acclaimed on social media as an 'accidental hero'.

Tech experience in action

Along with fellow hacker Kafeine, Hutchins was able to get a sample of the WannaCry virus and study it in a safe virtual environment. In the analysis setting, the malware repeatedly queried an unregistered domain. In layman's terms, it frequently tried to access a non-existent web address.

Hutchins was able to identify the built-in address and register the domain, a straightforward task but one that requires some technical know-how. In so doing, Hutchins satisfied the virus' address queries and quickly brought an end to the spread of the malware.

The registered domain served as a signal to the virus that it should stop spreading. If the malware couldn't reach the domain, which was the case up until the moment that Hutchins registered it, the virus would continue to spread across networks and computers.

Hutchins, who attended nearby Ilfracombe Academy, does not have any formal training in cybersecurity. The young programmer and security expert is completely self-taught. Hutchins' talents sufficiently impressed LA-based cybersecurity firm Kryptos Logic, so much so that they recruited him roughly a year ago.

Although the National Health Service does not have any evidence that patient data was breached, the attack highlights the ease with which malware viruses can spread and affect computer systems. An estimated 200,000 victims worldwide have been harmed so far, and the number would likely have been much higher were it not for Hutchins' quick thinking. The white hat hacker later went on to explain just how he had stopped the malware in a lengthy post on his personal blog.

Hutchins isn't the only cybersecurity expert at work in the Exeter area. The young IT wizard's work puts him squarely alongside the malware and dark web experts based in the Exeter Science Park.

Rewards and recognition

In the wake of his actions, Hutchins was awarded $10,000 (£7,800) 'bounty' from HackerOne, an ethical hacker group that rewards individuals who find software flaws or prevent the spread of viruses. Hutchins plans to donate the reward money to charity. He will hold a vote on Twitter to determine which charities receive his donation.

In an expression of gratitude to the 22-year-old cyber whizz, pizza delivery firm Just Eat gifted Hutchins a year's supply of pizza. Hutchin's Twitter account @MalwareTech is peppered with references to his love of pizza.

Since becoming famous overnight, Hutchins has complained about invasive reporting by some tabloids. Initially, he had sought to remain anonymous, using only his blog and his Twitter handle to communicate with the public. However, Hutchins name, address, and even a photo of the house he shares with his parents were soon published online.

Share this

Gallery