'White hat' whiz kid who foiled WannaCry cyberattack

accreditation
(iStock)
(iStock)

Paris – They are called white hats – the good guys in the Wild West of the Internet – and they ride to the rescue as in the case of the 22-year-old British expert who helped stop the WannaCry cyberattack.

The young cybersecurity researcher, known only by his Twitter handle "@MalwareTechBlog", says he found a weakness by chance that allowed slowing the spread of WannaCry, a type of malware called ransomware that encrypts files on an infected computer and demands money to unlock them.

Britain's National Cyber Security Centre (NCSC) published his discovery, but also noted he was not an employee.

British media reported that he is employed in a cybersecurity firm and that he wishes to remain anonymous.

"He clearly succeeded in halting the spread" of WannaCry, said cybersecurity expert Marco Cova at Lastline.

According to Europol, the situation is now stable in Europe.

'Kill switch'

In China, which was also hard hit, the spread of the malware has slowed considerably according to authorities.

@MalwareTechBlog "stopped WannaCry by finding the 'kill switch' that the hackers introduced into the virus themselves to stop it if necessary," said Nicolas Godier, a cybersecurity expert at Proofpoint.

Godier said the British researcher worked closely with cybersecurity company Proofpoint expert Darien Huss over the weekend.

Contrary to the image of solitary hackers conversing through encrypted messages, the computer experts communicate most often through Twitter, according to Godier.

"All day long they analyse strains of computer viruses to see how they function" and find ways to stop them, said Godier.

"If each works in his own corner, it isn't effective, so they share their research. And with social networks, it moves quickly."

In this case it only took them several hours to find a weakness, said Godier.

'White hat' vs 'Black hat'

The hackers who launch attacks and the cybersecurity experts who parry them have largely the same skills.

"In a certain way there are white knights and black knights" in cybersecurity, said Godier.

More often the terms are drawn from Westerns.

"The white hat is a researcher that does work for the good of the industry/society, the black hat's motivation is more nefarious in nature," said Raj Samani, Chief Scientist at McAfee, a leading producer of antivirus software.

They are in a perpetual race to discover vulnerabilities in software, which hackers will exploit to profit from, while cybersecurity experts will develop solutions to protect their clients and the public.

In addition to the pride of a job well done, good publicity that comes from foiling a massive cyberattack can boost the reputation of white hats such as @MalwareTechBlog.

It can help them increase their circle of collaborators, thus improving their work.

The attention can also help a researcher get a job in a cybersecurity firm, if they don't already have one.

The same can be true for negative publicity, providing some hackers the opportunity to switch sides and join reputable firms.

George Hotz was later recruited by Facebook in 2011 after being sued by Sony for hacking the PlayStation 3 game console.

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Lockdown For
DAYS
HRS
MINS
Voting Booth
Children between 12 and 17 can now be vaccinated against Covid-19. As a parent I am:
Please select an option Oops! Something went wrong, please try again later.
Results
Relieved, it's been a long wait to this point
50% - 1504 votes
A bit hesitant, and will wait to see how it goes
23% - 687 votes
Completely against my child getting the shot
27% - 818 votes
Vote
Rand - Dollar
14.47
-1.0%
Rand - Pound
19.99
-1.0%
Rand - Euro
16.85
-1.0%
Rand - Aus dollar
10.85
-0.7%
Rand - Yen
0.13
-1.6%
Gold
1,783.11
+0.1%
Silver
24.19
-0.4%
Palladium
2,014.87
-2.8%
Platinum
1,047.50
-0.6%
Brent Crude
85.82
+0.9%
Top 40
59,674
-1.3%
All Share
66,189
-1.2%
Resource 10
61,545
-2.5%
Industrial 25
85,379
-0.3%
Financial 15
13,931
-1.3%
All JSE data delayed by at least 15 minutes Iress logo
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE