Marcus Hutchins is a true 21st century hero.
After all, it’s only right that, in a century too strange for any of us to logically explain to our great-grandparents if we were miraculously given an hour to converse with the dead, a lifesaving hero should be a thin young guy in Britain with curly hair and little formal schooling who types away in a room with a half-dozen computer screens.
Forget the white steed and the silver lance. Forget about the bravery to face dragons and perform daring physical feats. The last century gave us the fortitude and courage of men willing to survive trench warfare in Europe and storm the beaches of Normandy against a hailstorm of enemy fire. But today? Give us stout-hearted men and women who know how to code!
If you are unaware, the unassuming (“I’m definitely not a hero”) Hutchins found the “kill switch” to the aptly named WannaCry virus that was grabbing the files of computers and holding them for ransom throughout Europe and much of the rest of the world last week.
The victims included Britain’s National Health Service, which is why lives were at stake. Ambulances were led astray, the computer screens of medical technicians vanished and patient records disappeared.
“Marcus not only saved the United States but also prevented further damage to the rest of the world,” the Associated Press quoted Salim Neino, the chief executive of Kryptos Logic, which has hired Hutchins to keep doing what he does.
We need more guys like this. Check that, we need more guys (and women) like that to work on our side. Plenty of them, apparently, don’t mind working on the other side, for fun and profit.
With experts trying to focus on the origins of the virus (was it North Korea?), the world should be convinced by now that cyber threats are every bit as menacing to modern civilization as bombs.
Certainly the National Security Agency, the folks who run that giant center down in Bluffdale, ought to know this. And yet the NSA is facing criticism because it discovered a flaw in the Windows software, then allowed outsiders to hack in and steal it earlier this year.
But then I imagine the folks at the NSA are only human, and I have some sympathy for mistakes.
Like many of you, I try to be careful when dealing with email attachments. If you’re savvy enough, telltale signs, such as a strange string of characters on the attachment’s name or the unusual wording of the email, are a tipoff.
And yet a few days ago I hastily clicked on a supposed Google doc sent to me from a trusted friend and colleague. Instantly, I knew I had made a mistake. Whatever I had unleashed grabbed my inbox and began sending copies of itself worldwide in my name. I spent the rest of that day answering emails from people listed in my inbox, wanting to know whether they should open the attachment I allegedly sent.
Fortunately, the attachment was just a fairly crude phishing attempt that didn’t permanently harm my computer.
Two years ago, I called on Washington to declare a war on cyber crime and call for the best and brightest minds to find ways to thwart hackers and build defenses. That’s still a good idea. The only wall the nation ought to be building today is a firewall against malicious code.8 comments on this story
The WannaCry attack wouldn’t have gone far if people and organizations had updated their operating systems. Britain’s health care system was still using Windows XP because, critics say, it lacked the funds to upgrade. That may be an argument against socialized medicine, except that it’s not clear whether many U.S. systems are up to date, either.
“There’s this list of problems with security that have gone on for the last 10 or 15 years that weren’t fixed and that people didn’t take seriously,” the president of Lieberman Software told the L.A. Times. “And now the bill is coming due.”
It might not have to come due if we can marshal and arm a big enough force of stout-hearted nerds.