Marcus Hutchins is a name you should know, and someone that you probably owe a debt of gratitude. Earlier in the summer, the ransomware WannaCry, was unleashed into the work by malicious hackers who had stolen it from its developers, America’s own National Security Agency (NSA). Distributed through email, WannaCry locked British NHS doctors and administrators out of their computer systems, threatening to erase all data if their ransom was not met. Within days, WannaCry had spread to more than 74 countries, making it the largest ransomware assault on record.
Hutchins is a British malware researcher who developed the WannaCry ransomware kill switch. The security expert from Devon worked on the WannaCry remedy from his home. Around the world, Hutchins was praised as a hero for stopping the ransomware in its tracks. He went on to continue developing countermeasures and defenses against the latest cyberthreats.
The adulation over his services to the world in stopping cyberattacks, though, came to an abrupt halt shortly after the DEFCON 2017 conference in Las Vegas. DEFCON we’ve talked about before; but in case you are new to Tech Tuesday, DEFCON is an event where hackers gather to discuss innovations against black hat hackers and concerns over security on both the corporate and consumer level.
As Hutchins was leaving Las Vegas and a very successful DEFCON, he was arrested by the FBI. He was accused of crafting, sharing, and manufacturing Kronos, a Trojan that swept across banking systems in July 2014 and July 2015. A co-conspirator named in this case was also accused of advertising Kronos on hacker forums, selling at least one copy for around $2,000, and offering to sell another to a third party for $3,000. The warrant also claims that on June 11, 2015, Hutchins himself intentionally sold attack code in America.
While hardly malware at the same scale as WannaCry, Kronos was an evolution of the infamous Zeus malware that silently infected PCs and pillaged victims’ online bank accounts from around the world. Cybercrooks would buy copies of Kronos, spread it across the internet via spam or booby-trapped downloads, and then pocket the cash siphoned off from infected machines. Kronos advertised itself as being able to:
- Duplicate and exploit people’s online banking credentials
- Fend off rival Trojans and avoid detection from antivirus kits
- Bypass antivirus and unspecified “sandboxing techniques” to isolate a program so they can’t take over the machine
- Establish encrypted command and control communications
For a $1,000 deposit, criminals would let you try a version of it out before buying. So vendors of the Kronos kit were somewhat forward thinking in how to market and promote the malware.
Hutchins was arraigned and pleaded not guilty. Legal experts close to Hutchins have looked at the case against this one-time savior of the internet and say it is weak, hardly worth a concern. However, this case could easily bring an end to what promised to be a promising career in cybersecurity. We will be following this case closely, and sincerely hope that this particular situation works out for Hutchins. He did what no one else could do when WannaCry threatened.
Let’s hope Hutchins emerges from the other side of this.
A research physicist who has become an entrepreneur and educational leader, and an expert on competency-based education, critical thinking in the classroom, curriculum development, and education management, Dr. Richard Shurtz is the president and chief executive officer of Stratford University. He has published over 30 technical publications, holds 15 patents, and is host of the weekly radio show, Tech Talk. A noted expert on competency-based education, Dr. Shurtz has conducted numerous workshops and seminars for educators in Jamaica, Egypt, India, and China, and has established academic partnerships in China, India, Sri Lanka, Kurdistan, Malaysia, and Canada.