GCHQ knew WannaCry hero risked arrests by travelling to the US

UK intelligence officials were reportedly aware that security researcher Marcus Hutchins risked arrest by travelling to the US to attend a series of cyber security conferences

Hutchins was arrested in Las Vegas on 2 August as he prepared to return home to Ilfracombe in Devon on charges of creating and distributing the banking malware Kronos.

The 23-year-old Brit rose to prominence just 11 weeks before and was hailed as a hero for working with GCHQ to halt the global WannaCry ransomware attack that heavily affected the NHS in the UK.

It has now emerged that GCHQ officials knew about the FBI investigation that led to the arrest before he travelled to the US and that the arrest effectively saved UK authorities from the “headache of an extradition battle” with their closest ally, according to the Sunday Times.

Hutchins, also known as MalwareTech, has no criminal history but now faces six charges related to the creation and distribution of the credential-stealing Kronos malware between July 2014 and July 2015, and up to 40 years in prison if convicted.

He is currently under house arrest and GPS monitoring after appearing in court in Milwaukee, Wisconsin on 14 August and pleading not guilty to all charges.

The trial has been scheduled for October. Until then, Hutchins will remain under house arrest, but will be allowed to work and use the internet. However, he is not allowed to access the server that he used to stop the spread of the global WannaCry ransomware attacks in May 2017.

Hutchins is reportedly expected to live in Los Angeles while awaiting his trial. Supporters have set up a crowdfunding campaign to raise money for Hutchins’ legal fees.

“Marcus Hutchins is a brilliant young man and a hero,” Marcia Hoffman, one of his lawyers, said outside the court after the hearing. “He is going to vigorously defend himself against these charges and, when the evidence comes to light, we are confident he will be fully vindicated.”

Hutchins’ arrest in the US appears to be a response to the failed attempts by the US to extradite Gary McKinnon to face charges of breaking into and damaging military computers.

Read more about WannaCry

  • The National Crime Agency believes the recent WannaCry attacks represent a “signal moment” in terms of awareness of cyber attacks and their real-world impact.
  • Computers running Windows 7 accounted for the biggest proportion of machines infected with the WannaCry ransomware, while NHS suppliers are blamed for hampering patching by NHS trusts.
  • Security advisers are urging organisations to patch their Windows systems to avert a possible second wave of an unprecedented, indiscriminate ransomware attack.
  • A failure by many organisations to take cyber security seriously has long been blamed on the lack of a single significant event to shake things up.

Glasgow-born McKinnon, now 51, had his extradition to the US blocked in October 2012 after a 10-year battle by Theresa May, then home secretary, on human rights grounds after medical reports said he was very likely to try to kill himself if extradited due to the vulnerable psychology caused by Asperger’s Syndrome, a form of autism.

Earlier this year, 32-year-old Laurie Love from Stradishall in Suffolk, who also has Asperger’s, won the right to appeal against his extradition to the US on hacking charges.

Love is accused of hacking into key US institutions, including Nasa, the FBI and the Federal Reserve bank, as part of an online protest against the death of internet pioneer Aaron Swartz, following Swartz’s arrest and suicide in the US.