NHS cyber attack: Man who accidentally saved the world from the hack failed his IT GCSE

The event led directly to his work securing the hospitals against the attack

Andrew Griffin
Tuesday 16 May 2017 08:49 BST
Man who accidentally halted global cyber attack: 'I'm no hero'

The man who saved the world from the hack that took down the NHS didn't pass his IT GCSE.

Marcus Hutchins, who accidentally discovered a kill switch that helped shut down the WannaCry virus as it spread around the world, doesn't have the most basic IT qualification. And it's all because his teachers thought he was a hacker.

The accidental hero's problems began when he was hauled into the head teacher's office at school and told to explain why the network was down. He couldn't and so was blamed for having hacked into the network – something that despite his claims not to have done anything, led to him being suspended.

That in turn meant that he had to work with pen and paper rather than computers – as NHS doctors did during the hack – and as a result he failed the course in his IT GCSE.

He said that he had become sick with school after the incident and that he had decided to take the non-academic route. That is what led to him working for a US security firm from a room in his parents' house – and helping save hospitals and the rest of the world from the virus.

Mr Hutchins, who works for Los Angeles-based Kryptos Logic but is from Ilfracombe in north Devon, said that he didn't recognise the "accidental hero" label that has been applied to him since he helped foil the attack.

He told the Associated Press: "I'm definitely not a hero. I'm just someone doing my bit to stop botnets."

It came as the former head of Britain's eavesdropping service has hit out at Microsoft for failing to protect vulnerable computer systems affected by the crippling ransomware attack.

Sir David Omand, the former head of GCHQ who was once homeland security adviser to Number 10, said the tech giant knew public bodies around the world were at risk from hackers.

In a letter to The Times, Sir David said: "Should Microsoft have stopped supporting Windows XP so soon, knowing that institutions had invested heavily in it (at the urging of the company at the time)?"

Home Secretary Amber Rudd said the NHS was "open for business", with only a handful of hospitals still suffering disruption caused by Friday's hack.

Following a meeting of the Government's Cobra contingencies committee, Ms Rudd said more than a million patients had been treated in the course of Monday.

"All GPs surgeries did open, though some of them had to use pen and paper," she said.

"The vast majority of patients have noticed no difference. It has been a very strong response."

Earlier on Monday, Health Secretary Jeremy Hunt confirmed there had not been a second wave of attacks on NHS trusts and said it was "encouraging" that the level of criminal activity was at "the lower end of the range" anticipated.

Mr Hunt has come under fire for failing to appear in public since the attack, which hit 47 trusts in England and 13 Scottish health boards.

In his first public comments since the attack, Mr Hunt told Sky News: "Although we have never seen anything on this scale when it comes to ransomware attacks, they are relatively common and there are things that you can do, that everyone can do, all of us can do, to protect ourselves against them.

"In particular, making sure that our data is properly backed up and making sure that we are using the software patches, the anti-virus patches, that are sent out regularly by manufacturers."

NHS Digital said health trusts across England were sent details of an IT security patch that would have protected them from the attack.

The health service has been criticised for using the outdated Windows XP operating system to store digital information, despite security updates for the software having been discontinued by Microsoft.

NHS Digital said it had made health trusts aware last month of IT protection that could have prevented the damage.

Additional reporting by agencies

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in