Last week, a 22-year-old computer nerd living at home with his parents became an unlikely hero.
Marcus Hutchins, who works for an LA-based threat intelligence company from a self-built tech lab in his Devonshire bedroom, managed to stop the spread of a computer virus that was ripping through computers in Europe and Russia, and making its way towards the Americas.
Thought to be an attack from North Korean hackers, the ransomware was exploiting a vulnerability in Windows software to encrypt computers and demand payment. By Friday afternoon, attacks had been recorded on thousands of computers, including large telecommunication companies and the NHS. Some hospitals were forced to cancel operations and even turn patients away while their tech systems were recovered.
Hearing news of the attack while having lunch with a friend, Hutchins quickly got to work and was able to activate a "kill switch" by registering a specific domain name, slowing the malware's spread to other computers. Afterwards, he told the Guardian: "I will confess that I was unaware registering the domain would stop the malware until after I registered it, so initially it was accidental. So I can only add 'accidentally stopped an international cyber-attack' to my resume."
Accident or not, Hutchins had managed to slow the cyber-attack. Thanks poured in from across the tech world, including ethical hacking group HackerOne, who awarded him a $10,000 "hero bounty."
So we just paid a $10,000 hero bounty for @MalwareTechBlog's "killswitch" in WannaCry(pt): https://t.co/OIf7NrMNKE
— Michiel Prins (@michielprins) May 15, 2017
But a better reward than cash money? Better even than the good karma that comes from saving the world from malicious hackers?
Yesterday, food delivery service Just Eat announced in a blog post that it would be awarding Hutchins a year's supply of free pizza as a show of appreciation for his work last week. It read: "As the hero who stopped the ransomware virus, known as WannaCry, we thought it was only right to spread some cheesy love of our own and provide Marcus with his very own supply of piping-hot pizza, free for a whole year from any Just Eat restaurant."
Hutchins had made his taste for pizza known before the attack, posting photos of takeaway boxes on his social media accounts. And he appeared to accept Just Eat's offer of free pies, replying to their post on Twitter: "Now I definitely need to swim more :D."
Now I definitely need to swim more :D https://t.co/qqi0pV5rEX
— MalwareTech (@MalwareTechBlog) May 16, 2017
Let's just hope Hutchins doesn't spend too long at the pool. With cyber-security experts warning of future attacks, we might need that kill switch again.