Belfast Telegraph

NHS cyber attack: Man who saved the world from ransomware failed his IT GCSE

His work lead to securing the hospitals against the attack

Marcus Hutchins, the man who saved the world from the ransomware attack that took down the NHS didn't pass his IT GCSE.

Mr Hutchins, who accidentally discovered a kill switch that helped shut down the WannaCry virus as it spread around the world, doesn't have the most basic IT qualification. And it's all because his teachers thought he was a hacker.

The accidental hero's problems began when he was hauled into the head teacher's office at school and told to explain why the network was down. He couldn't and so was blamed for having hacked into the network – something that despite his claims not to have done anything, led to him being suspended.

That in turn meant that he had to work with pen and paper rather than computers – as NHS doctors did during the hack – and as a result he failed the course in his IT GCSE.

He said that he had become sick with school after the incident and that he had decided to take the non-academic route. That is what led to him working for a US security firm from a room in his parents' house – and helping save hospitals and the rest of the world from the virus.

Mr Hutchins, who works for Los Angeles-based Kryptos Logic but is from Ilfracombe in north Devon, said that he didn't recognise the "accidental hero" label that has been applied to him since he helped foil the attack.

He told the Associated Press: "I'm definitely not a hero. I'm just someone doing my bit to stop botnets."

GCHQ blames Microsoft

It came as the former head of Britain's eavesdropping service hit out at Microsoft for failing to protect vulnerable computer systems affected by the crippling ransomware attack.

Sir David Omand, the former head of GCHQ who was once homeland security adviser to Number 10, said the tech giant knew public bodies around the world were at risk from hackers.

In a letter to The Times, Sir David said: "Should Microsoft have stopped supporting Windows XP so soon, knowing that institutions had invested heavily in it (at the urging of the company at the time)?"

Microsoft blames NSA

However on Sunday the president of Microsoft Brad Smith laid some of the blame for the attack at the feet of the NSA and called for "urgent collective action".

Smith criticised US intelligence agencies, including the CIA and National Security Agency, for "stockpiling" software code that can be used by hackers.

He likened this to "the US military having some of its Tomahawk missiles stolen".

"They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world," Mr Smith said.

“We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits,” he said.

“We need the tech sector, customers, and governments to work together to protect against cybersecurity attacks. More action is needed, and it’s needed now.”

Read more

Microsoft blames NSA's 'stockpiling of cyber weapons' for ransomware attack that hit UK hospitals 

Home Secretary Amber Rudd said the NHS was "open for business", with only a handful of hospitals still suffering disruption caused by Friday's hack.

Following a meeting of the Government's Cobra contingencies committee, Ms Rudd said more than a million patients had been treated in the course of Monday.

"All GPs surgeries did open, though some of them had to use pen and paper," she said.

"The vast majority of patients have noticed no difference. It has been a very strong response."

Earlier on Monday, Health Secretary Jeremy Hunt confirmed there had not been a second wave of attacks on NHS trusts and said it was "encouraging" that the level of criminal activity was at "the lower end of the range" anticipated.

Mr Hunt has come under fire for failing to appear in public since the attack, which hit 47 trusts in England and 13 Scottish health boards.

In his first public comments since the attack, Mr Hunt told Sky News: "Although we have never seen anything on this scale when it comes to ransomware attacks, they are relatively common and there are things that you can do, that everyone can do, all of us can do, to protect ourselves against them.

"In particular, making sure that our data is properly backed up and making sure that we are using the software patches, the anti-virus patches, that are sent out regularly by manufacturers."

NHS Digital said health trusts across England were sent details of an IT security patch that would have protected them from the attack.

The health service has been criticised for using the outdated Windows XP operating system to store digital information, despite security updates for the software having been discontinued by Microsoft.

NHS Digital said it had made health trusts aware last month of IT protection that could have prevented the damage.

Independent News Service