Advertisement

Marcus Hutchins, the 22-year-old IT expert who helped thwart ‘WannaCry’ by accident

Click to play video 'Beware the ‘Wannacry’ cyberattack' Beware the ‘Wannacry’ cyberattack
WATCH ABOVE: Beware the ‘Wannacry’ cyberattack – May 15, 2017

The full extent of the global ransomware cyberattack dubbed WannaCry was slowed, in part, by a 22-year-old on his day off work.

Marcus Hutchins started jumping around when he realized he’d discovered a “kill switch” for the cyberattack, he wrote in a blog post titled How to Accidentally Stop a Global Cyber Attacks (sic).

READ MORE: How the WannaCry ransomware attack spread around the world

Hutchins, who goes by the name Malware Tech online, learned about the cyberattack’s severity on Friday with the news that England’s National Health Service (NHS) had been hit by malware, crippling some hospitals and clinics.

WATCH: Cybersecurity expert credits British man with saving U.S. from ‘WannaCry’ cyberattack

Click to play video 'Cybersecurity expert credits British man with saving U.S. from ‘WannaCry’ cyberattack' Cybersecurity expert credits British man with saving U.S. from ‘WannaCry’ cyberattack
Cybersecurity expert credits British man with saving U.S. from ‘WannaCry’ cyberattack – May 16, 2017

WannaCry has so far infected more than 300,000 machines in 150 countries. Just one wrong click on an infected link can lead to all devices on a shared network being taken over by the malware; a cash payment is then demanded in order to regain access to files — hence the name “ransomware.”

Story continues below advertisement

Hutchins’ quick work Friday has been credited with slowing the spread; he outlined the “crazy events” of that day in his blog post.

He started analyzing the malicious software and noticed its code included a web domain that wasn’t registered. He quickly registered the domain for about C$15, according to The Guardian.

Meanwhile, in the U.S., Darien Huss, a 28-year-old research engineer in Michigan, said he noticed the authors of the malware had left in a feature known as a kill switch. Huss took a screen shot of his discovery and shared it on Twitter.

WATCH: Online expert on protecting yourself from ‘WannaCry’ ransomware cyberattack 

Click to play video 'Online expert on protecting yourself from ‘WannaCry’ ransomware cyberattack' Online expert on protecting yourself from ‘WannaCry’ ransomware cyberattack
Online expert on protecting yourself from ‘WannaCry’ ransomware cyberattack – May 15, 2017

Together, he and Hutchins found that registering the domain name and redirecting the attacks to a separate server activated the kill switch, halting WannaCry infections.

Story continues below advertisement

Hutchins said he didn’t realize at first that he had stalled WannaCry by registering the domain; he called the discovery “accidental.”

“Now you probably can’t picture a grown man jumping around with the excitement of having just been ransomwared, but this was me,” Hutchins wrote in his blog post.

Hutchins has been overwhelmed by online messages and media requests since his role in controlling the threat came to light.

On Twitter, Hutchins posted about his “doorbell going constantly” after he woke up to find his picture on the front page of Britain’s Daily Mail.

As it turns out, many of his friends didn’t even know about his work and online presence as a malware investigator.

Hutchins said he has stayed anonymous in the past in order to maintain his safety.

“Obviously we’re working against bad guys and they’re not going to be happy about this,” he told the Guardian.

However, the fight against ransomware is far from over; Hutchins told the BBC he predicts “another one coming.”

Hutchins is now working with Britain’s National Cyber Security Centre to head off another attack.

Story continues below advertisement

— With files from The Associated Press and Andrew Russell