Where does an ethical, “white hat” hacker get started? To learn and hone the skills you need to successfully fight the bad guys, how far must you stray into the bad guy milieu? These questions were been going through my head last weekend as I read the story of the conviction and sentencing of Marcus Hutchins, who it seems is both the villain who created the Kronos trojan and the hero stopped the WannaCry ransomware. Hutchins was sentenced last week to supervised release, and is free to return home to Great Britain. Should he and his lawyers seek a pardon for his crimes?
- Marcus Hutchins, malware researcher and ‘WannaCry hero,’ sentenced to supervised release [TechCrunch] “Hutchins, a British citizen who goes by the online handle @MalwareTech, was arrested in Las Vegas by federal marshals in August 2017 while boarding a flight back to the U.K. following the Def Con security conference. The government alleged in an indictment that he developed Kronos, a malware that steals banking credentials from the browsers of infected computers.”
- Marcus Hutchins, who stopped WannaCry’s spread, avoids prison time [Cyberscoop] “Hutchins created Kronos as a black hat hacker, a life he disavowed before the WannaCry ransomware virus infected more than 200,000 computers in roughly 150 countries in May 2017. Hutchins, working as a security researcher at the time, found a so-called kill switch in the WannaCry code which stopped the malware’s spread.”
- MalwareTech, the Security Researcher Who Stopped WannaCry Ransomware, Gets No Prison Time for Hacking Crimes [Vice] “His arrest captivated and sometimes stirred controversy within the cybersecurity industry, with some confused as to why US prosecutors were going after Hutchins for crimes committed years prior.”
- The WannaCry Hero Deserves a Pardon, Not a Conviction [New York Times] “His conviction sends the wrong message about whether or not it pays to mend your ways and, when the moment comes, to do the right thing.”
From the Ohio Web Library:
- McClure, Stuart, and Joel Scambray. “White-Hat Hacking: Separating the Hype from the Reality Is an Ongoing Challenge.” InfoWorld, vol. 21, no. 15, Apr. 1999, p. 60.
- Preimesberger, Chris. “Black Hat, DEF CON Founder Offers Insight Into Security Shows, Trends.” EWeek, Aug. 2015, p. 1.
- Fox-Brewster, Thomas. “Watching The Awful WannaCry Ransomware Scourge Hit Doctor’s Surgeries IRL.” Forbes.Com, May 2017, p. 13.