May 15, 2017 11:32 pm
Updated: May 16, 2017 12:03 pm

Marcus Hutchins, the 22-year-old IT expert who helped thwart ‘WannaCry’ by accident

WATCH ABOVE: Beware the ‘Wannacry’ cyberattack


The full extent of the global ransomware cyberattack dubbed WannaCry was slowed, in part, by a 22-year-old on his day off work.

Story continues below

Marcus Hutchins started jumping around when he realized he’d discovered a “kill switch” for the cyberattack, he wrote in a blog post titled How to Accidentally Stop a Global Cyber Attacks (sic).

READ MORE: How the WannaCry ransomware attack spread around the world

Hutchins, who goes by the name Malware Tech online, learned about the cyberattack’s severity on Friday with the news that England’s National Health Service (NHS) had been hit by malware, crippling some hospitals and clinics.

WATCH: Cybersecurity expert credits British man with saving U.S. from ‘WannaCry’ cyberattack

WannaCry has so far infected more than 300,000 machines in 150 countries. Just one wrong click on an infected link can lead to all devices on a shared network being taken over by the malware; a cash payment is then demanded in order to regain access to files — hence the name “ransomware.”

Hutchins’ quick work Friday has been credited with slowing the spread; he outlined the “crazy events” of that day in his blog post.

He started analyzing the malicious software and noticed its code included a web domain that wasn’t registered. He quickly registered the domain for about C$15, according to The Guardian.

Meanwhile, in the U.S., Darien Huss, a 28-year-old research engineer in Michigan, said he noticed the authors of the malware had left in a feature known as a kill switch. Huss took a screen shot of his discovery and shared it on Twitter.

WATCH: Online expert on protecting yourself from ‘WannaCry’ ransomware cyberattack 

Together, he and Hutchins found that registering the domain name and redirecting the attacks to a separate server activated the kill switch, halting WannaCry infections.

Hutchins said he didn’t realize at first that he had stalled WannaCry by registering the domain; he called the discovery “accidental.”

“Now you probably can’t picture a grown man jumping around with the excitement of having just been ransomwared, but this was me,” Hutchins wrote in his blog post.

Hutchins has been overwhelmed by online messages and media requests since his role in controlling the threat came to light.

On Twitter, Hutchins posted about his “doorbell going constantly” after he woke up to find his picture on the front page of Britain’s Daily Mail.

As it turns out, many of his friends didn’t even know about his work and online presence as a malware investigator.

Hutchins said he has stayed anonymous in the past in order to maintain his safety.

“Obviously we’re working against bad guys and they’re not going to be happy about this,” he told the Guardian.

However, the fight against ransomware is far from over; Hutchins told the BBC he predicts “another one coming.”

Hutchins is now working with Britain’s National Cyber Security Centre to head off another attack.

— With files from The Associated Press and Andrew Russell

© 2017 Global News, a division of Corus Entertainment Inc.

Report an error


Want to discuss? Please read our Commenting Policy first.