The young cyber expert who saved the NHS from hackers is working with GCHQ to head off another attack, it has been claimed.
Marcus Hutchins has been credited with stopping the WannaCry ransomware attack from spreading across the globe by accidentally triggering a “kill switch”. [restrict]
The self-taught 22-year-old took just a few hours to stop the breach
He is now working with the government’s National Cyber Security Centre to prevent a new strain of the malicious software, it was reported.
He is believed to stopped the attack from a small bedroom in his parents’ house. Last night, pictures emerged of his self-made IT hub, crammed with takeaway pizza boxes, video games and computer servers.
01:33Others showed the security expert, who did not go to university, in Las Vegas as part of a trip to DEFCON, the world’s largest annual convention for internet hackers.
Kurtis Baron, the founder of Fidus Information Security who travelled with Mr Hutchins to Las Vegas last year, said his friend was just doing his job when he stopped the attack.
Speaking to The Telegraph, he said he had known him a “reasonably long time”. “He is a really nice friend and also a business colleague. He was just doing his job,” he said. “If we could make him work for us then we would employ him in a heartbeat, but he won’t move.”
He added: “It is not a job to him, more a passion that he happens to get paid for.”
Andrew Mabbitt, the co-founder of Fidus, described Mr Hutchins as “one of the most intelligent and talented people I know”.
“He gets paid to do his hobby which is most people’s dream in life,” he added.
Mr Hutchins – who is known only as Malware Tech – is believed to live in a popular seaside resort on the north Devon coast. His mother and father work in the medical industry and he also has a younger brother.
His social media accounts are peppered with tweets about his love of surfing and views of the waves along the coast. In one tweet, he wrote: “I could move to a city but where in a city would I get this view?”
Around a year ago, he joined a “private intel threat firm” based in Los Angeles. He later made a number of references to travelling to America, including admitting being “super worried” he was “too nerdy” for Las Vegas.
Tweets posted from business associates during the trip show the group in a hotel room, which is littered with champagne bottles, vodka, energy drinks and takeaway pizza.
Other images from the jaunt show members of the party driving a Lamborghini and Ferrari in the nearby desert.
In October, he talked of hiring his first employee and posted images of computers he had set up after finding in a rubbish dump behind a supermarket.
In a tweet from January, the security expert posted a 30-second video panning around his room, which is packed with half-a-dozen computer screens, cabling and gadgetry. He writes: “After three years of effort, I finally have a malware lab I’m happy with.”
It was only on Saturday when he emerged as the accidental hero of the attack. In a blog, he described how he stopped the spread of the virus by purchasing a web domain for £8 and by redirecting it elsewhere. He reportedly shouted “eureka” when he realised he had unintentionally taken down the virus.
On Sunday night, he did not respond to requests for comment from The Telegraph.
He has also told how he shunned university and instead self taught himself sophisticated hacking techniques.
Tom Robinson, who is the co-founder and lead investigator at Elliptic – a firm which looks out for illegal use of the online Bitcoin currency – estimated that hackers have so far extracted $41,000 (£32,000) through their ransomware trick. [/restrict]