GRAND RAPIDS, Mich. (WOOD) — A massive worldwide cyberattack crippled computers worldwide in a blackmail scheme that demanded payment or else data systems would be impacted.
The attack hit computers in about 100 countries including China, Russia, France and Brittan where the National Health Service was compromised temporarily shutting down some emergency rooms and misdirecting ambulances.
But it was a computer security engineer who works out of his home in Fremont that brought the attack to a halt.
The attack happened Friday using a flaw in Microsoft systems that was revealed in a release of National Security Agency information. The malware named “WannaCry” created a huge mess.
“It’s very serious, I mean this is something we’ve been worrying about for a long time, this kind of wide-scale attack,” said Benn Rapp, CEO of Managed Networks IT security firm in Great Britain.
To the rescue came 29-year-old Darien Huss, a Purdue University graduate and senior security research engineer at cybersecurity firm Proofpoint. He works for a California company, but lives in Newaygo County to be near his wife’s job.
“We not only investigate attacks against our customers, we also investigate anything that’s going on around the globe,” Huss told 24 Hour News 8 Saturday.
After he was put on the case, Huss said he reverse engineered the cyberattack and soon tracked down the domain name of the attacker. They then spent $10.69 to legally register the domain name of the attacker which gave them access to it.
“It really did not take long to figure out that there was a kill switch feature in it,” Huss said.
So working with a fellow cyber-sleuth in the UK, they were able to throw the so-called kill switch that stopped the attack in its tracks and allowed the thousands of infected systems to begin recovering from the attack, but not before more than $20,000 in bitcoin ransoms had been paid at $300 to $600 a pop.
But the damage done by the disruption in data systems will be massive.
“This is probably one of the largest and widespread cyberattacks in the last 10 years,” Huss said.
Huss said while the attack was devastating, he was still ready to talk a little cyber-smack against whoever created the problem. He is hopeful that there will be an arrest.
“With the amount of law enforcement that are going to be investigating this, I really would not be surprised if the individual or individuals are apprehended,” Huss said.
Saturday, Huss has become something of a superhero in the cybersecurity world and has been giving interviews to newspapers and TV stations around the globe, including CNN and BBC News.
“Personally, I really feel like I didn’t play a huge role in everything — all I really did was figure out that there was a kill switch feature,” Huss said. “It just goes to show how interconnected our world is and how something so simple can have a devastating impact on everybody.”
Huss says it’s likely whoever did this will try again and will learn from his mistakes and may not be so easy to beat next time.
“We may possibly see copycats use the same exploit and deliver different payload,” Huss said.
He says staying safe is pretty straight-forward, backup your data, update you software and get rid of vulnerable protocols.