Worst Internet Attack

The internet is full of secrets just waiting to be stolen by clever hackers, but what if the hackers are after something more, an even bigger score that could send ripple effects across the entire globe?


Tanush Prem


The internet is the modern Library of Alexandria, serving as a massive archive of human knowledge, communication, and resources. Every day, billions of people log on and communicate with people a world away as they work, learn, shop, and create. It’s become as much a part of everyday life as the car or electricity.

So what would happen if it all suddenly went away?

The internet is a complex network of hardware and software that’s connected to all our homes through cables and cellular data.

But while the internet is a lot more durable than it used to be, it still has its weak spots — chief among them malware. Software designed to cause damage to a computer, server, or computer network, malware has been around since the earliest days of the internet. Of course, in the early days malware wasn’t quite so sophisticated.

One of the first computer worms, or software bugs, the Morris Worm, was eventually contained on a floppy disk and is stored in a museum. Today’s computer viruses are much harder to contain, uploaded through sophisticated software that disguises their true purposes and spread through many channels. And one, the WannaCry ransomware attack, nearly caused incalculable damage to the internet, and would have were it not for the help of the unlikeliest of cyber-heroes.

It was May 2017 and the internet was humming along, with billions of people using it daily. But many people were using old computers, and that created a vulnerability. Older computers rely on outdated security measures, which may have been effective against viruses and hackers when they were released but did not keep up as technology evolved.

So a mysterious group of black-hat hackers — hackers who infiltrate security systems for blackmail and extortion purposes — decided to take advantage.

They decided to create a cryptoworm targeting Microsoft Windows operating systems, the most popular operating system in the world. Most viruses rely on the person who receives them to do something to let them in — like clicking on a suspicious link in an e-mail. Why, yes, I would like to inherit a billion dollars from a Nigerian prince. This isn’t suspicious at all!

But not WannaCry. WannaCry was unique — because it would spread itself. It used a transport mechanism to search for operating systems, used a backdoor exploit to gain access, and then installed and executed a copy of itself without the user ever needing to let it in. And once it was in — all hell broke loose. It would immediately encrypt all data on the computer system, locking it up and turning the computer into a very expensive brick.

The only way to fix it, according to the hackers?

Pay a hefty ransom in the cryptocurrency bitcoin, and get a code to unlock your computer. There was only one problem — people submitted their payments but never seemed to get their data back.

It didn’t take long for security experts to say that this was a scam, and not to pay the ransom, but that didn’t help those people who’d had their systems destroyed. For the average person, this was a massive inconvenience — especially if you were in the middle of trying to submit a term paper.

But for corporations and institutions, it was much worse. Many organizations found out the wrong way that they were using outdated software and found years of data vulnerable. Universities, government organizations, hospitals, and major corporations all found themselves kneecapped by WannaCry.

Even boldface names like FedEx, Deutsche Bahn, and Nissan were hit. The worm was spreading fast, and if it was allowed to keep hitting systems, the damage would be incalculable.

That’s when an unlikely hero stepped into the breach. There’s only one way to stop an attack from a malicious hacker — and that’s with another hacker who can outsmart them. Marcus Hutchins was your ordinary British lad, the son of a Scottish mother and a Jamaican father. But from early life, when he wasn’t enjoying the waves and working as a lifeguard, he displayed great skill with computers.

He got started with hacking early when he was a boy, hacking his school computers to install video game software. But it wasn’t long before his interest in cracking computer codes led him to more sinister figures.

By the time he was a teenager, he was joining forums that taught him about developing malware. Marcus was about to take his first big step into the hacking world, and his school was the first to be hit.

Marcus created a code that would steal people’s passwords using an AutoFill feature on Microsoft computers. He became so fixated with developing code that his grades started to suffer despite being more than smart enough to tackle the material.

When the school’s computer systems got hacked, Marcus was quickly blamed. Although the school could never prove he was behind it, they still banned him from using their computers — which led Marcus to pull away from school and spend more time with his new friends in the malware forums.

They were about to lead him down a dangerous path. Marcus was only fifteen when he joined a bigger, more dangerous hacking forum, HackForums, and they had high standards for their members.

Each member had to create a botnet, an automated program that distributed bots which stole data or shut down computer systems. This is the same system that was used to distribute WannaCry, but Marcus’s plans weren’t that apocalyptic.

He created a system that would target users that illegally downloaded things off BitTorrent, allowing him to take control of their computers. By 16, Marcus was known as a powerhouse in the hacking world. He wasn’t the most renowned hacker out there yet — but he was about to catch their eye. No one knew who “Vinny” was — that was the point of a hacker forum.

Everyone concealed their identity, but Vinny had use for Marcus’ hacking skills. He wanted him to create a kit of hacker tools that could be sold on the online marketplace. Hutchins realized that these tools could be used for cybercrime, and this would make him an accessory. But the lure of money was too big, and he made the kit — which sold like crazy!

Vinny thanked him with a box of illegal drugs. But Marcus was about to find out that the only thing harder than getting into the hacking deep web…is getting out.

Vinny soon came back to Marcus to ask him to develop a second, more powerful rootkit that would be used to target financial transactions and banks. Marcus didn’t want to take the risk, but Vinny revealed he knew exactly where Marcus lived and would turn him over to the FBI if he didn’t help him.

Marcus put his hacking skills to work, developing a powerful keylogging program that left out the originally requested web inject system, which would have stolen payment info directly. This would come to be known as Kronos, one of the most powerful hacking tools on the internet. Marcus Hutchins had played with fire, and he was too deep in the hacker world to get out.

But his deep dive into cybercrime turned out to be exactly what was needed to save the internet. Now 19, Marcus continued to be involved in cybercrime thanks to Vinny’s blackmail and had become addicted to drugs.

When he met a mystery man named Randy online, he learned that Randy was a philanthropic hacker. When a hacking mishap cost Randy $5000, Marcus revealed he created Kronos and gave Randy a free copy.

He distanced himself from Vinny and developed a new identity as the author of a blog called MalwareTech, where he analyzed the strengths and weaknesses of hacking devices. That gained him the attention of Salim Neino, the CEO of the tech firm Kryptos Logic, and they worked together to stop powerful hacking attacks that shut down institutions like Lloyd’s Bank. But his biggest test as a hacker was still to come.

It was May 12th, 2017 when the WannaCry attack began, and it had spread to over 150 countries in under a day. No one was sure how to unlock the computers or how to stop the virus, but Marcus Hutchins had been one of the first people to become aware of it. He knew what malware looked like, and he had tracked it to an unregistered domain name - the giveaway of a botnet.

When he registered the domain, he was able to set up decoy servers at Kryptos Logic to lure the worm in, allowing them to track it. Hutchins and his coworkers at Kryptos Logic partnered with the UK’s National Cyber Security Centre, and they were able to keep the worm from progressing further. Only a few days later, they released a patch that would protect users with outdated computers from the virus.

French cybersecurity experts soon joined in and were able to unlock the affected computers. All’s well that ends well — except that Marcus Hutchins had just become a cyber superstar. And his past was about to come back to haunt him. Marcus was one of the most sought after people in cyber-security, and although he wanted to stay under the radar, he agreed to give an interview to the Associated Press. Everyone wanted to talk to the guy who stopped WannaCry, and there was no bigger event for cybersecurity than the DEF CON conference in Las Vegas.

The quiet English boy with a dark past was about to enter the biggest stage in the tech world, and he spent the conference hobnobbing with the biggest names in the industry. Everyone wanted to hear his story.

But they weren’t the only people waiting for him in America. After a whirlwind conference, Hutchins was more than ready to get back to England. But as he was waiting in the airport, he was approached by several well-dressed men who asked to talk to him.

He was taken into a stairwell, where they put him into handcuffs. He wondered if they found marijuana in his bag, or something else petty.

But as they questioned him, it was clear they wanted to know about one thing — Kronos. It turns out that being the world’s most famous white hat hacker didn’t get you immunity from your time as a black hat hacker. The FBI had been lying in wait for Marcus for a while, staking him out at his Airbnb in Las Vegas and even working with airport security to make sure he wasn’t delayed in the line.

Everyone knew he wouldn’t be getting on a plane to London any time soon. It turned out that “Randy” had identified him as the developer of Kronos after he was caught up in another hacking site bust. Hutchins had made powerful enemies, and they intended to send him to prison for a long time.

The good news was, he had powerful friends as well. When Hutchins contacted Neino, the cybersecurity world sprang into action to pay his bail — although many of them tried to pay with stolen credit cards and bitcoin.

Marcus was released to house arrest and was charged with six felony counts.
But he wasn’t the one the FBI really wanted.

They wanted his initial handler, Vinny — a powerful cyber-criminal. But Marcus didn’t know much about Vinny and didn’t want to report on the other hackers he knew. So the FBI played hardball — they added four more charges. The man who saved the internet, ironically, had exposed himself to serious jail time by his cyber-heroics.

The pre-trial period went on for over a year, as the FBI wanted to force Marcus into a deal. But as it became clear that Marcus didn’t have the information they wanted, and support for him online grew, the FBI agreed to a plea deal.

He would plead guilty to two of the ten charges and apologize, and he would be sentenced to time served instead of jail time, plus a year of supervised release. That means he’s still a guest of the United States and will likely be deported to the UK when it’s over — only delayed by three years.

Marcus Hutchins played with fire, unleashing dangerous hacking tools on the internet. And without that knowledge, the internet itself might not have survived WannaCry.

