WannaCry Hero Deserves a Pardon, Not A Conviction
A British cybersecurity researcher, Marcus Hutchins, credited with stopping a worldwide computer virus WannaCry in 2017 has pleaded guilty in Wisconsin federal court to developing malware to steal banking information.
Hutchins appeared in court May 2nd after he agreed last month to plead guilty to developing a malware called Kronos and conspiring to distribute it from 2012 to 2015.
Two years later, the ‘WannaCry hero’ is unable to breathe easily, Hutchins, now 24, is on bail in the US, waiting to be sentenced on July 26 for computer crimes he allegedly committed as a teenager. The FBI arrested him three months after the WannaCry attack at Las Vegas McCarran Airport, as he travelled home from DefCon, the world’s largest hacker conventions.
Prosecutors dismissed eight more charges in exchange for his plea. Sentencing for Hutchins is set for July 26.
He faces up 10 years in prison but could receive a more lenient sentence for accepting responsibility.
Hutchins' arrest in Las Vegas in August 2017 came as a shock because months earlier he was hailed as a hero for finding a "kill switch" to the WannaCry virus that crippled computers worldwide. He was accused of writing malicious software Kronos, designed to steal money from banks, and selling it to a fraudster for a few thousand pounds when he was 17, though there is no accusation that he used it to steal money himself.
Hutchins is currently living in Los Angeles, where his former employer Kryptos Logic is based. He rents an apartment from his savings and documents his life in exile on Twitter, interspersing security research with humorous updates that bely a deep sense of unease.
He recently joking that it didn’t matter if he spent all his money on Japanese food, because “there won’t be any sushi in jail”. He has also posted about being unable to sleep, feeling stressed, and having depression. Hutchins has spent over $100,000 (£77,000) on fighting the legal case, with one recent flight for a “procedural court hearing” in Milwaukee costing $1,100 (£845). He has also had support from crowdfunding, including someone he didn’t know posting his $30,000 (£23,000) bail.
The charges themselves have been widely criticised, with Tor Ekeland, a US criminal lawyer who specialises in cyber-crime and supported British hacker Lauri Love’s recent fight against extradition, saying they are akin to “holding a gun manufacturer liable for murder.
Prior to his arrest, Hutchins would share information with GCHQ and his blog post about stopping WannaCry was shared on the National Crime Agency’s website. Reports say GCHQ knew the FBI was going to arrest Hutchins, but didn’t alert him.
A few days after Hutchins entered his guilty plea, he was contemplating his future.
“I kept my blog all these years because it acts as a place for people to learn about malware and hacking, away from shady forums full of criminals,” he wrote. “Once I’ve done my time... I can focus more time on teaching for free.”
Hutchins is not likely to receive a heavy sentence, but even a sentence without any prison time will come with consequences. He has been released on bail since 2017, residing in the United States on an expired tourist visa while waiting for his case to be resolved.
That in itself will likely make it difficult to return to the United States in the future, and the felony will hamper his movements further.
The Star: Telegraph: New York Times:
You Might Also Read: