WannaCry Saviour’s Arrest Could Have Serious Repercussions, Predict IT Security Experts
The IT Security Community is apparently not happy with the arrest of Marcus Hutchins, the British Hacker responsible for creating the kill switch for Wanncry Ransomware, over the alleged creation as well as distribution of a malicious software intended to collect or steal bank account passwords from various web browsers, and believes that this arrest could cause a huge divide between the U.S. Government and the computer experts willing to fight against various cyber crimes.
The 23-year old British Hacker who works for Los Angeles security firm Kryptos Logic was arrested last Wednesday and was charged with the creation and distribution of malware known as the Kronos banking Trojan. Mr. Marcus Hutchins has decided to contest the charges placed on him and is due in federal court in Milwaukee on Tuesday. A bail of $30,000 was announced by a Las Vegas federal judge later.
Referring to this ‘hacking-savior-having-turned-villain overnight’ incident, many in the IT Security Research community have raised their concerns. Computer law expert Tok Ekeland believes the evidence against Marcus is rather flimsy. Another computer scientist, Nicholas Weaver, while expressing happiness over the WannaCry Savior’s bail announcement, stated that ‘the indictment was remarkably shallow because it adds considerable uncertainty and fosters distrust within the security community (and with the U.S. Government)’.
Mr. Weaver went on to add that the federal prosecutors and the FBI were making a huge mistake by not providing more details about the crimes it alleges against Mr. Hutchins. “Having more information would act to reassure the larger security community”, have been Mr. Weaver’s very own words on this issue.
Jake William, a respected cyber security researcher who has worked with the 23-year old British hacker on various projects, has also come out in support of the hacking expert, saying that he found it difficult to believe Mr. Hutchins is indeed guilty. He has been quoted as saying, “Mr. Hutchins is a stand-up guy and I can’t reconcile the charges with what I know of him”.
The indictment which was formally filed by the Wisconsin federal court indicates that Mr. Weaver conspired with another hacker – whose name has been redacted – between July 2014 and July 2015 to “advertise, sell and profit” from the Kronos malware. The problem here is that malware code is often written by multiple programmers and therefore prosecutors have to prove that Mr. Hutchins indeed wrote the code targeting specific groups.
Both the U.S. Justice Department officials and the FBI’s Milwaukee field office (which has conducted the 2-year-old investigation) have refrained from commenting on the issue. While Janet, mother of the indicted hacking expert, has expressed her indignation over her son’s arrest, stating that it was “hugely unlikely” that her son was involved in the creation of any malware.
The future of cyber security may well depend on the outcome of this case. Because one cannot easily forget the fact that it was this very same Marcus Hutchins – albeit he stands indicted at the moment – who saved us from the WannaCry malware which was crippling thousands of computers across the globe in May.
The U.S. Government does find itself at crossroads here because if Marcus Hutchins is found guilty beyond any doubt, the question arises: whether punishing him is the right thing to do? Because by doing so, the U.S. Government can risk losing out on the cooperation of IT Security Community, which is apparently not happy with the arrest of Marcus Hutchins, when it comes to tackling future cyber attacks.
Therefore the next few days, as this Marcus Hutchins trail unfolds, is going to be very important for the U.S. Government, the IT Security Community and the whole world at large in general, considering the fact that the future of cyber security might well be at stake here, as the U.S. Government decides whether the man who saved us from WannaCry Ransomware is guilty or not.